From 42c9f5bb1f341a8efa049230436c627bcf8d5431 Mon Sep 17 00:00:00 2001 From: Marco Cesarato Date: Sat, 9 Jan 2021 18:05:48 +0100 Subject: [PATCH] fix(wordpress): multi checksum arrays --- src/Modules/Wordpress.php | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/src/Modules/Wordpress.php b/src/Modules/Wordpress.php index 14cd367..1b5b7a5 100644 --- a/src/Modules/Wordpress.php +++ b/src/Modules/Wordpress.php @@ -13,7 +13,7 @@ use GlobIterator; use marcocesarato\amwscan\Cache; -use marcocesarato\amwscan\Console; +use marcocesarato\amwscan\Console\CLI; use marcocesarato\amwscan\Interfaces\VerifierInterface; class Wordpress implements VerifierInterface @@ -33,7 +33,7 @@ public static function init($path) $version = self::getVersion($path); if ($version && !empty($version) && !isset(self::$roots[$path])) { $locale = self::getLocale($path); - Console::writeLine('Found WordPress ' . $version . ' (' . $locale . ') at "' . $path . '"', 1, 'green'); + CLI::writeLine('Found WordPress ' . $version . ' (' . $locale . ') at "' . $path . '"', 1, 'green'); $plugins = self::getPlugins($path); self::$roots[$path] = [ @@ -129,7 +129,7 @@ public static function getPlugins($root) } $headers['path'] = $cur->getPath(); $plugins[$cur->getPath()] = $headers; - Console::writeLine('Found WordPress Plugin ' . $headers['name'] . ' ' . $headers['version'], 1, 'green'); + CLI::writeLine('Found WordPress Plugin ' . $headers['name'] . ' ' . $headers['version'], 1, 'green'); } } } @@ -176,7 +176,7 @@ public static function getChecksums($version, $locale = 'en_US') $checksums = $cache->get($key); if (is_null($checksums)) { - Console::writeLine('Retrieving checksums of Wordpress ' . $version, 1, 'grey'); + CLI::writeLine('Retrieving checksums of Wordpress ' . $version, 1, 'grey'); $checksums = []; $dataChecksums = self::getData('https://api.wordpress.org/core/checksums/1.0/?version=' . $version . '&locale=' . $locale); @@ -220,7 +220,7 @@ public static function getPluginsChecksums($plugins = []) continue; } - Console::writeLine('Retrieving checksums of Wordpress Plugin ' . $plugin['name'] . ' ' . $plugin['version'], 1, 'grey'); + CLI::writeLine('Retrieving checksums of Wordpress Plugin ' . $plugin['name'] . ' ' . $plugin['version'], 1, 'grey'); $dataChecksums = self::getData('https://downloads.wordpress.org/plugin-checksums/' . $plugin['domain'] . '/' . $plugin['version'] . '.json'); if (!$dataChecksums) { $cache->set($key, [], self::$ttl); @@ -235,7 +235,11 @@ public static function getPluginsChecksums($plugins = []) $root = self::getRoot($path); $sanitizePath = str_replace($root['path'], '', $path); $sanitizePath = self::sanitizePath($sanitizePath); - $checksums[$sanitizePath] = strtolower($checksum['md5']); + if (is_array($checksum['md5'])) { + $checksums[$sanitizePath] = array_filter($checksum['md5'], 'strtolower'); + } else { + $checksums[$sanitizePath] = strtolower($checksum['md5']); + } } $cache->set($key, $checksums, self::$ttl); $pluginsChecksums[$plugin['domain']][$plugin['version']] = $checksums; @@ -270,7 +274,11 @@ public static function isVerified($path) $checksum = md5_file($path); $checksum = strtolower($checksum); - return $checksums[$comparePath] === $checksum; + if (is_array($checksums[$comparePath])) { + return in_array($checksum, $checksums[$comparePath]); + } else { + return $checksums[$comparePath] === $checksum; + } } // Plugins $pluginRoot = self::getPluginRoot($root, $path);