Closed JeroenMoolenschot closed 1 year ago
Currently JEXEC check is required for all PHP files (except of 3rdparty independent libraries with its own GPL-compatible license file). See previous discussions: #75 and #164.
In some of my extensions the JEXEC check works perfect, but I have also extension in which the JEXEC-check does not detect that a JEXEC is missing (e.g. in an install_contentnotifier_script.php ). I can send you the extension. Regards, Peter
Yes, send it to denis.ryabov(at)community.joomla.org, I'll check.
I have sent you an example (two days ago).
@peterhulst Thank you! (I've just found your email in the spam folder)
@peterhulst Fixed in PR #216.
Extension: 15933 in JED
The JEXEC security check was not found in this file. /src/Library/StorageClass.php
Reply from developer: This is correct, there is no such check as it is a pure class with no dependencies (no use statements). Accessing the file directly does not produce any artefacts, i.e. nothing is printed to the browser even at the maximum error reporting level in PHP.
Is there a way to approve this check?