eval_check_signed()

Description

Prior to eval() checks to make sure the code has been signed first, by the offline script / migration script.

Parameters

ColumnTypeDefaultDescription
$code string The code to check

Return

string The code, if correctly signed, or an empty string if not.

Location

include/encryption_functions.php lines 97 to 121

Definition

 
function eval_check_signed($code)
{
    // No need to sign empty string.
    if (trim($code) == "") {
        return "";
    }

    // Extract the signature from the code.
    $code_split explode("\n"$code);
    if (count($code_split) < 2) {
        set_sysvar("code_sign_required""YES");
        return "";
    } // Not enough lines to include a key, exit
    $signature str_replace("//SIG"""trim($code_split[0])); // Extract signature
    $code trim(substr($codestrpos($code"\n") + 1));

    // Code not signed correctly? Exit early.
    if ($signature != sign_code($code)) {
        set_sysvar("code_sign_required""YES");
        return "";
    }

    // All is as expected, return the code ready for execution.
    return $code;
}

This article was last updated 17th April 2025 10:35 Europe/London time based on the source file dated 21st January 2025 15:20 Europe/London time.