Quote
Thank you. Assumed resolved.
- by hien
// Scan image files for malicious code
function verify_image($file) {
$txt = file_get_contents($file);
$image_safe = true;
// if (preg_match('#<?php#i', $txt)) { $image_safe = false; } // this line has BAD regex, cause < and ? is special symbols for regexes this condition is true if u have just $txt = ".....php...." not just for "....<?php....."
if (preg_match('#\<\?php#i', $txt)) { $image_safe = false; } // this is better and function for me
elseif (preg_match('#&(quot|lt|gt|nbsp|<?php);#i', $txt)) { $image_safe = false; }
elseif (preg_match("#&\#x([0-9a-f]+);#i", $txt)) { $image_safe = false; }
elseif (preg_match('#&\#([0-9]+);#i', $txt)) { $image_safe = false; }
elseif (preg_match("#([a-z]*)=([\\'\"]*)script:#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#([a-z]*)=([\
\'\"]*)javascript:#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#([a-z]*)=([\'\"]*)vbscript:#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#(<[^>]+)style=([\\'\"]*).*expression\([^>]*>#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#(<[^>]+)style=([\
\'\"]*).*behaviour\([^>]*>#iU", $txt)) { $image_safe = false; }
elseif (preg_match("#</*(applet|link|style|script|iframe|frame|frameset)[^>]*>#i", $txt)) { $image_safe = false; }
return $image_safe;
}
if (preg_match('#<\?php#i', $txt)) {
if (preg_match('#\<\?php#i', $txt)) {
Category Forum
Suspected Bugs and Errors - 9Labels
None yet
Statistics
9 participants
Notifications
You are not receiving notifications from this thread.
Related Questions