Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- ### README
- #
- # CONST_PATH
- # CONST_PATH is also filename against witch Your check will be done,
- # so remember to proceed against each const file in particular beesite instance.
- # You can also collect all variables files into one (PHP syntax dosn't matter here)
- # and set such file as CONST_PATH
- #
- # VARS_LIST_PATH
- # Basicly run-time file but as a side effect You have distinctive vars list
- #
- # SUSPICIOUS_VARS_PATH
- # Script is still raw so basic action is just to get bad guys list
- #
- # DESPERATE_TRIGGER
- # If set to 1 script will try to comment down not used var in file against one (CONST_PATH) operation is proceeded
- #
- ### CONFIG
- CONST_PATH='./wms/session/constants.inc.php';
- VARS_LIST_PATH='./vars_list';
- SUSPICIOUS_VARS_PATH='./suspicious_list';
- DESPERATE_TRIGGER=0;
- ### CONFIG END
- echo "Working here, please be patient:)";
- ### SEARCHING UQ VARS DEFINITIONS
- cat $CONST_PATH | grep "\$_SESSION\[[A-Za-z0-9_'\"]*\]" | awk '{print $1}' | cut -f1 -d"=" | sort -u > $VARS_LIST_PATH;
- ## cleanup
- echo '' > $SUSPICIOUS_VARS_PATH;
- while read VAR; do
- # Make options with single or double quotes
- VAR_SINGLE=$(echo $VAR | sed s/\"/\'/g);
- VAR_DOUBLE=$(echo $VAR | sed s/\'/\"/g);
- # Check against all variations excluding CONST_PATH file
- RES=$(grep -F -s -e "$VAR" -e "$VAR_SINGLE" -e "$VAR_DOUBLE" `find ./ -iname "*.php" | grep -v $CONST_PATH` | wc -l);
- # If var seems to be unused take action
- if [ $RES == "0" ]
- then
- echo $VAR >> $SUSPICIOUS_VARS_PATH;
- if [ $DESPERATE_TRIGGER == "1" ]
- then
- replace $VAR "///##///"$VAR -- $CONST_PATH;
- fi
- fi
- done < $VARS_LIST_PATH
- echo "Done, bad vars list in $SUSPICIOUS_VARS_PATH";
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement