<?php
// Secure Code Checker - Automates security checks in PHP codebases.
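// Refuse to run on interpreters older than PHP 7.0. The message goes to
// STDERR and the exit status is non-zero so a calling shell or CI step sees
// the failure (die() with a string prints to STDOUT and exits with status 0).
if (version_compare(PHP_VERSION, '7.0.0', '<')) {
    fwrite(STDERR, 'This script requires PHP version 7.0 or higher.' . "\n");
    exit(1);
}
// Load required dependencies.
// The autoloader path is anchored to this script's own directory. A bare
// relative path ('vendor/autoload.php') is resolved through include_path,
// whose default starts with the current working directory, so launching the
// checker from inside the project being audited would load and execute that
// project's vendor/autoload.php instead of the checker's own.
require __DIR__ . '/vendor/autoload.php';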
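/**
 * Recursively collect the PHP source files below a directory.
 *
 * @param string $dir Directory to walk.
 * @return string[] Canonical (realpath) file names, in iteration order.
 * @throws UnexpectedValueException If $dir (or a directory below it) cannot be opened.
 */
function scanDirectory($dir) {
    $files = [];
    $walker = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($dir, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($walker as $file) {
        // The extension is compared case-insensitively: a file named "x.PHP"
        // would otherwise be left out of the scan and reported as clean by omission.
        if (!$file->isFile() || strtolower($file->getExtension()) !== 'php') {
            continue;
        }
        // getRealPath() returns false when the path cannot be resolved;
        // never hand a boolean to the caller in place of a file name.
        $realPath = $file->getRealPath();
        if ($realPath !== false) {
            $files[] = $realPath;
        }
    }
    return $files;
}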
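/**
 * Run the security checks on one PHP file.
 *
 * Only one check is implemented: a textual search for eval( calls.
 *
 * @param string $file Path of the file to inspect.
 * @return string[] One message per finding; empty when nothing was flagged.
 */
function checkFile($file) {
    $report = [];

    // A file that cannot be read must not pass as clean: file_get_contents()
    // returns false on failure, and searching that value finds nothing.
    $content = (is_file($file) && is_readable($file)) ? file_get_contents($file) : false;
    if ($content === false) {
        $report[] = 'Security Warning: could not read ' . $file . ' - file was not scanned';
        return $report;
    }

    // Check for eval usage - a common security flaw.
    // \b keeps identifiers that merely end in "eval" (e.g. medieval()) from
    // matching, and \s* catches "eval (" written with whitespace before the
    // parenthesis. This is still a text heuristic: occurrences inside comments
    // or string literals are reported too, and a comment placed between
    // "eval" and "(" is not caught.
    if (preg_match('/\beval\s*\(/i', $content) === 1) {
        $report[] = 'Security Warning: eval() found in ' . $file;
    }

    // Additional checks can be added here
    return $report;
}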
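// Main script execution: scan the directory given as the first argument and
// print every finding returned by checkFile().
if ($argc < 2) {
    echo "Usage: php secure-code-checker.php /path/to/php/code\n";
    exit(1);
}
$path = $argv[1];
// scanDirectory() throws when the path cannot be opened as a directory;
// reject it here with a readable message instead of an uncaught exception.
if (!is_dir($path)) {
    fwrite(STDERR, 'Error: not a directory: ' . $path . "\n");
    exit(1);
}
$files = scanDirectory($path);
$finalReport = [];
foreach ($files as $file) {
    foreach (checkFile($file) as $issue) {
        $finalReport[] = $issue;
    }
}
// Output the final report.
// "No security issues found" only reflects the checks checkFile() implements.
// NOTE(review): the script ends with exit status 0 even when issues were
// reported, so a CI step cannot gate on it; consider a distinct non-zero status.
if (empty($finalReport)) {
    echo "No security issues found.\n";
} else {
    echo "Security Issues Found:\n";
    foreach ($finalReport as $issue) {
        // Double quotes are required here: '\n' in single quotes prints a
        // literal backslash and "n", which ran all findings together on one line.
        echo $issue . "\n";
    }
}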