diff options
| author | Michael Boelen <michael.boelen@cisofy.com> | 2019-07-16 14:20:30 +0300 |
|---|---|---|
| committer | Michael Boelen <michael.boelen@cisofy.com> | 2019-07-16 14:20:30 +0300 |
| commit | fa8bad20db100d95cf089b0b2d897c339327215c (patch) | |
| tree | 2f80f2e015d26056cd741137dc4fdd069a6c4c5d /include/tests_php | |
| parent | 2777caf6d218aeb40c2ebd8af2564be8201eeff1 (diff) | |
Use -n instead of ! -z
Diffstat (limited to 'include/tests_php')
| -rw-r--r-- | include/tests_php | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/include/tests_php b/include/tests_php index 76606c64..ef43f282 100644 --- a/include/tests_php +++ b/include/tests_php @@ -139,7 +139,7 @@ fi done - if [ ! -z "${PHPINIFILE}" ]; then + if [ -n "${PHPINIFILE}" ]; then Display --indent 2 --text "- Checking PHP" --result "${STATUS_FOUND}" --color GREEN LogText "Result: using single file ${PHPINIFILE} for main php.ini tests" LogText "Result: using php.ini array ${PHPINI_ALLFILES} for further tests" @@ -154,7 +154,7 @@ # # Test : PHP-2320 # Description : Check php disable functions option - if [ ! -z "${PHPINI_ALLFILES}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + if [ -n "${PHPINI_ALLFILES}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no PHP-2320 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP disabled functions" if [ ${SKIPTEST} -eq 0 ]; then FOUND=0 @@ -194,7 +194,7 @@ # Test : PHP-2368 # Description : Check php register_globals option # Notes : Don't test for it if PHP version is 5.4.0 or later (it has been removed) - if [ ! -z "${PHPINIFILE}" -a ! -z "${PHPVERSION}" -a ! -z "${EGREPBINARY}" ]; then + if [ -n "${PHPINIFILE}" -a -n "${PHPVERSION}" -a -n "${EGREPBINARY}" ]; then if [ -f "${PHPINIFILE}" ]; then FIND=$(echo ${PHPVERSION} | ${EGREPBINARY} "^(4.|5.[0-3])") if [ -z "${FIND}" ]; then @@ -215,7 +215,7 @@ if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: Checking PHP register_globals option" FIND=$(${EGREPBINARY} -i 'register_globals.*(on|yes|1)' ${PHPINIFILE} | ${GREPBINARY} -v '^;') - if [ ! -z "${FIND}" ]; then + if [ -n "${FIND}" ]; then Display --indent 4 --text "- Checking register_globals option" --result "${STATUS_WARNING}" --color RED ReportWarning ${TEST_NO} "PHP option register_globals option is turned on, which can be a risk for variable value overwriting" ReportSuggestion ${TEST_NO} "Change the register_globals line to: register_globals = Off" @@ -235,7 +235,7 @@ # Description : Check PHP expose_php option # Background : When this option is turned on, PHP will show its version number in the HTTP headers # Notes : TODO - Extend test to check all PHP files - if [ ! -z "${PHPINI_ALLFILES}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + if [ -n "${PHPINI_ALLFILES}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no PHP-2372 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP expose_php option" if [ ${SKIPTEST} -eq 0 ]; then FOUND=0 @@ -266,12 +266,12 @@ # Test : PHP-2374 # Description : Check PHP enable_dl option # Notes : Extend test to check all PHP files - if [ ! -z "${PHPINIFILE}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + if [ -n "${PHPINIFILE}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no PHP-2374 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP enable_dl option" if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: Checking PHP enable_dl option" FIND=$(${EGREPBINARY} -i 'enable_dl.*(on|yes|1)' ${PHPINIFILE} | ${GREPBINARY} -v '^;') - if [ ! -z "${FIND}" ]; then + if [ -n "${FIND}" ]; then Display --indent 4 --text "- Checking enable_dl option" --result "${STATUS_ON}" --color YELLOW Report "Result: enable_dl option is turned on, which can be used to enable more modules dynamically and circumventing security controls" ReportSuggestion ${TEST_NO} "Change the enable_dl line to: enable_dl = Off, to disable dynamically loading new modules" @@ -288,7 +288,7 @@ # Test : PHP-2376 # Description : Check PHP allow_url_fopen option # Notes : Extend test to check all PHP files YYY - if [ ! -z "${PHPINIFILE}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + if [ -n "${PHPINIFILE}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no PHP-2376 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP allow_url_fopen option" if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: Checking PHP allow_url_fopen option" @@ -311,7 +311,7 @@ # Test : PHP-2378 # Description : Check PHP allow_url_include option # Notes : Extend test to check all PHP files YYY - if [ ! -z "${PHPINIFILE}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + if [ -n "${PHPINIFILE}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi Register --test-no PHP-2378 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP allow_url_include option" if [ ${SKIPTEST} -eq 0 ]; then LogText "Test: Checking PHP allow_url_include option" @@ -333,7 +333,7 @@ # - test disabled for time being, as newer suhosin7 work is not stable enough - # Test : PHP-2379 # Description : Check PHP suhosin extension status - #if [ ! -z "${PHPINI_ALLFILES}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi + #if [ -n "${PHPINI_ALLFILES}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi #Register --test-no PHP-2379 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP suhosin extension status" #if [ ${SKIPTEST} -eq 0 ]; then @@ -365,14 +365,14 @@ # fi # # Check Suhosin for PHP 7 - # if [ ! -z "${MAJOR_VERSION}" -a ${FOUND} -eq 1 ]; then + # if [ -n "${MAJOR_VERSION}" -a ${FOUND} -eq 1 ]; then # LogText "Test: Check Suhosin for PHP 7 is not enabled" # LogText "Result: Suhosin for PHP 7 is in alpha stage and should not be used in production" # ReportSuggestion ${TEST_NO} "Disable Suhosin for PHP 7" # Display --indent 4 --text "- Checking PHP suhosin extension status" --result "${STATUS_WARNING}" --color RED # Display --indent 6 --text "- Suhosin is enabled for PHP 7" --result "${STATUS_WARNING}" --color RED # AddHP 0 1 - # elif [ ! -z "${MAJOR_VERSION}" -a ${FOUND} -eq 0 ]; then + # elif [ -n "${MAJOR_VERSION}" -a ${FOUND} -eq 0 ]; then # LogText "Test: Check Suhosin for PHP 7 is not enabled" # LogText "Result: Suhosin for PHP 7 is not enabled" # Display --indent 4 --text "- Checking PHP suhosin extension status" --result "${STATUS_OK}" --color GREEN |