diff --git a/Inspection/Js/security.sh b/Inspection/Js/security.sh
index ac7a172..56414a7 100755
--- a/Inspection/Js/security.sh
+++ b/Inspection/Js/security.sh
@@ -7,36 +7,9 @@ echo "Start js security inspection" echo "#################################################" # JS code inspection -CODE[0]="onload" -CODE[1]="onclick" -CODE[2]="onchange" -CODE[3]="onselect" -CODE[4]="onsubmit" -CODE[5]="onfocus" -CODE[6]="onresize" -CODE[7]="onreset" -CODE[8]="onunload" -CODE[9]="onkeyup" -CODE[10]="onkeydown" -CODE[11]="onkeypress" -CODE[12]="onerror" -CODE[13]="ondragdrop" -CODE[14]="onabort" -CODE[15]="ondblclick" -CODE[16]="onmousedown" -CODE[17]="onmousemove" -CODE[18]="onmouseout" -CODE[19]="onmouseover" -CODE[20]="onmouseup" -CODE[21]="onmove" -CODE[22]="onblur" - -for i in "${CODE[@]}" -do - grep -rlni "$i" --include \*.js ${ROOT_PATH}/jsOMS >> ${INSPECTION_PATH}/Framework/critical_js.log - grep -rlni "$i" --include \*.js ${ROOT_PATH}/Modules >> ${INSPECTION_PATH}/Modules/critical_js.log - grep -rlni "$i" --include \*.js ${ROOT_PATH}/Web >> ${INSPECTION_PATH}/Web/critical_js.log -done +grep -rlni "onafterprint=\|onbeforeprint=\|onbeforeunload=\|onerror=\|onhaschange=\|onload=\|onmessage=\|onoffline=\|ononline=\|onpagehide=\|onpageshow=\|onpopstate=\|onredo=\|onresize=\|onstorage=\|onund=o\|onunload=\|onblur=\|onchage=\|oncontextmenu=\|onfocus=\|onformchange=\|onforminput=\|oninput=\|oninvalid=\|onreset=\|onselect=\|onsubmit=\|onkeydown=\|onkeypress=\|onkeyup=\|onclick=\|ondblclic=k\|ondrag=\|ondragend=\|ondragenter=\|ondragleave=\|ondragover=\|ondragstart=\|ondrop=\|onmousedown=\|onmousemove=\|onmouseout=\|onmouseover=\|onmouseup=\|onmousewheel=\|onscroll=\|onabor=t\|oncanplay=\|oncanplaythrough=\|ondurationchange=\|onemptied=\|onended=\|onerror=\|onloadeddata=\|onloadedmetadata=\|onloadstart=\|onpause=\|onplay=\|onplaying=\|onprogress=\|onratechange=\|onreadystatechange=\|onseeked=\|onseeking=\|onstalled=\|onsuspend=\|ontimeupdate=\|onvolumechange=" --include=*.js ${ROOT_PATH}/jsOMS >> ${INSPECTION_PATH}/Framework/critical_js.log +grep -rlni 
"onafterprint=\|onbeforeprint=\|onbeforeunload=\|onerror=\|onhaschange=\|onload=\|onmessage=\|onoffline=\|ononline=\|onpagehide=\|onpageshow=\|onpopstate=\|onredo=\|onresize=\|onstorage=\|onund=o\|onunload=\|onblur=\|onchage=\|oncontextmenu=\|onfocus=\|onformchange=\|onforminput=\|oninput=\|oninvalid=\|onreset=\|onselect=\|onsubmit=\|onkeydown=\|onkeypress=\|onkeyup=\|onclick=\|ondblclic=k\|ondrag=\|ondragend=\|ondragenter=\|ondragleave=\|ondragover=\|ondragstart=\|ondrop=\|onmousedown=\|onmousemove=\|onmouseout=\|onmouseover=\|onmouseup=\|onmousewheel=\|onscroll=\|onabor=t\|oncanplay=\|oncanplaythrough=\|ondurationchange=\|onemptied=\|onended=\|onerror=\|onloadeddata=\|onloadedmetadata=\|onloadstart=\|onpause=\|onplay=\|onplaying=\|onprogress=\|onratechange=\|onreadystatechange=\|onseeked=\|onseeking=\|onstalled=\|onsuspend=\|ontimeupdate=\|onvolumechange=" --include=*.js ${ROOT_PATH}/Modules >> ${INSPECTION_PATH}/Modules/critical_js.log +grep -rlni "onafterprint=\|onbeforeprint=\|onbeforeunload=\|onerror=\|onhaschange=\|onload=\|onmessage=\|onoffline=\|ononline=\|onpagehide=\|onpageshow=\|onpopstate=\|onredo=\|onresize=\|onstorage=\|onund=o\|onunload=\|onblur=\|onchage=\|oncontextmenu=\|onfocus=\|onformchange=\|onforminput=\|oninput=\|oninvalid=\|onreset=\|onselect=\|onsubmit=\|onkeydown=\|onkeypress=\|onkeyup=\|onclick=\|ondblclic=k\|ondrag=\|ondragend=\|ondragenter=\|ondragleave=\|ondragover=\|ondragstart=\|ondrop=\|onmousedown=\|onmousemove=\|onmouseout=\|onmouseover=\|onmouseup=\|onmousewheel=\|onscroll=\|onabor=t\|oncanplay=\|oncanplaythrough=\|ondurationchange=\|onemptied=\|onended=\|onerror=\|onloadeddata=\|onloadedmetadata=\|onloadstart=\|onpause=\|onplay=\|onplaying=\|onprogress=\|onratechange=\|onreadystatechange=\|onseeked=\|onseeking=\|onstalled=\|onsuspend=\|ontimeupdate=\|onvolumechange=" --include=*.js ${ROOT_PATH}/Web >> ${INSPECTION_PATH}/Web/critical_js.log # JS strict type grep -r -L "\"use strict\";" --include=*.js ${ROOT_PATH}/jsOMS > 
${INSPECTION_PATH}/Framework/strict_missing_js.log diff --git a/Inspection/Php/security.sh b/Inspection/Php/security.sh index 4276533..1d74ed3 100755 --- a/Inspection/Php/security.sh +++ b/Inspection/Php/security.sh @@ -52,7 +52,7 @@ do done # PHP strict type -grep -r -L "declare\(strict_types=1\);" --include=*.php ${ROOT_PATH}/phpOMS > ${INSPECTION_PATH}/Framework/strict_missing_php.log -grep -r -L "declare\(strict_types=1\);" --include=*.php ${ROOT_PATH}/Modules > ${INSPECTION_PATH}/Modules/strict_missing_php.log -grep -r -L "declare\(strict_types=1\);" --include=*.php ${ROOT_PATH}/Model > ${INSPECTION_PATH}/Model/strict_missing_php.log -grep -r -L "declare\(strict_types=1\);" --include=*.php ${ROOT_PATH}/Web > ${INSPECTION_PATH}/Web/strict_missing_php.log \ No newline at end of file +grep -r -L "declare(strict_types=1);" --include=*.php --exclude={*.tpl.php,*Hooks.php,*Routes.php,*SearchCommands.php} ${ROOT_PATH}/phpOMS > ${INSPECTION_PATH}/Framework/strict_missing_php.log +grep -r -L "declare(strict_types=1);" --include=*.php --exclude={*.tpl.php,*Hooks.php,*Routes.php,*SearchCommands.php} ${ROOT_PATH}/Modules > ${INSPECTION_PATH}/Modules/strict_missing_php.log +grep -r -L "declare(strict_types=1);" --include=*.php --exclude={*.tpl.php,*Hooks.php,*Routes.php,*SearchCommands.php} ${ROOT_PATH}/Model > ${INSPECTION_PATH}/Model/strict_missing_php.log +grep -r -L "declare(strict_types=1);" --include=*.php --exclude={*.tpl.php,*Hooks.php,*Routes.php,*SearchCommands.php} ${ROOT_PATH}/Web > ${INSPECTION_PATH}/Web/strict_missing_php.log \ No newline at end of file diff --git a/Inspection/Php/tests.sh b/Inspection/Php/tests.sh index 40caaaa..8ad219b 100755 --- a/Inspection/Php/tests.sh +++ b/Inspection/Php/tests.sh 
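Review bot: Several alternatives in the new pattern are misspelled, so the scan silently stops reporting handlers that the removed `CODE` list covered: `onchage=` for `onchange=`, `ondblclic=k` for `ondblclick=`, `onabor=t` for `onabort=`, plus `onund=o` (`onundo=`) and `onhaschange=` (`onhashchange=`). The same string is pasted into all three `grep -rlni` lines, so every correction has to be made three times; holding it once in a variable, e.g. `JS_HANDLERS="onabort=\|onchange=\|…"` and `grep -rlni "$JS_HANDLERS" …`, keeps the three scans from drifting apart. Requiring `=` directly after the name also appears to miss assignments written with a space (`el.onclick = fn`), which the old substring match caught; allowing `[[:space:]]*=` after each name would close that gap.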
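Review bot: The `--exclude={*.tpl.php,*Hooks.php,*Routes.php,*SearchCommands.php}` argument relies on bash brace expansion; the shebang is outside the hunk, and if the script is ever run by a POSIX `sh` the braces reach grep as one literal glob and the four exclusions silently stop applying. Writing them as separate quoted options, `--exclude='*.tpl.php' --exclude='*Hooks.php' …`, works in any shell and is immune to pathname expansion. Since the pattern is now meant as a literal string, `grep -rLF 'declare(strict_types=1);'` states that intent and avoids a repeat of the `\(` grouping mistake. A short comment on why those four file kinds are exempt from the strict-types check would help whoever reads the log later.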
@@ -18,8 +18,3 @@ php -d memory_limit=4G ${TOOLS_PATH}/phpstan.phar analyse --autoload-file=${ROOT php -d memory_limit=4G ${TOOLS_PATH}/phpstan.phar analyse --autoload-file=${ROOT_PATH}/phpOMS/Autoloader.php -l 7 -c ${BUILD_PATH}/Config/phpstan.neon ${ROOT_PATH}/Web > ${INSPECTION_PATH}/Web/phpstan.log php -d memory_limit=4G ${TOOLS_PATH}/phpstan.phar analyse --autoload-file=${ROOT_PATH}/phpOMS/Autoloader.php -l 7 -c ${BUILD_PATH}/Config/phpstan.neon --error-format=json ${ROOT_PATH}/phpOMS > ${INSPECTION_PATH}/Test/Php/phpstan.json - -php ${TOOLS_PATH}/phan.phar -k ${BUILD_PATH}/Config/phan.php -l ${ROOT_PATH}/phpOMS -m text --minimum-severity=0 --color -o ${INSPECTION_PATH}/Framework/phan.log -php ${TOOLS_PATH}/phan.phar -k ${BUILD_PATH}/Config/phan.php -l ${ROOT_PATH}/Modules -m text --minimum-severity=0 --color -o ${INSPECTION_PATH}/Modules/phan.log -php ${TOOLS_PATH}/phan.phar -k ${BUILD_PATH}/Config/phan.php -l ${ROOT_PATH}/Model -m text --minimum-severity=0 --color -o ${INSPECTION_PATH}/Model/phan.log -php ${TOOLS_PATH}/phan.phar -k ${BUILD_PATH}/Config/phan.php -l ${ROOT_PATH}/Web -m text --minimum-severity=0 --color -o ${INSPECTION_PATH}/Web/phan.log diff --git a/config.sh b/config.sh index 846cd09..c6eea74 100755 --- a/config.sh +++ b/config.sh @@ -15,7 +15,7 @@ MAIL_ADDR="" # Authentications DB_USER="root" -DB_PASSWORD="" +DB_PASSWORD="root" # Git variables GITHUB_URL[0]="https://github.com/Orange-Management/Orange-Management.git"
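Review bot: `DB_PASSWORD="root"` in config.sh commits a working credential for the `root` database account into a tracked file, where it stays in history and is easy to carry into a non-test environment. Prefer keeping the tracked default empty and taking the value from the environment, e.g. `DB_PASSWORD="${DB_PASSWORD:-}"`, with the build job supplying the secret. If root/root is only meant for a throwaway build database, a comment saying so and a dedicated low-privilege account instead of `root` would limit the damage if this config is reused elsewhere.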