Added jamss rule; improved framework

source/administrator/components/com_jedchecker/language/en-GB/en-GB.com_jedchecker.ini

@@ -60,3 +60,9 @@ COM_JEDCHECKER_ERROR_FRAMEWORK_JERR="JError is deprecated, you should use applic
 COM_JEDCHECKER_ERROR_FRAMEWORK_ERRORLOG="error_log and var_dump"
 COM_JEDCHECKER_ERROR_FRAMEWORK_DEPRECATED="JRequest is deprecated and behaves funny with cache"
 COM_JEDCHECKER_ERROR_FRAMEWORK_TODO="Are we procrastinating?"
+COM_JEDCHECKER_ERROR_FRAMEWORK_GIT="Leftover code-versioning folders"
+COM_JEDCHECKER_RULE_JAMSS="JAMSS - Joomla! Anti-Malware Scan Script"
+COM_JEDCHECKER_RULE_JAMSS_DESC="Jamss will raise many flags for use of potentially dangerous methods, additionally checking for some known attack signatures. Find out more on the <a href='https://github.com/btoplak/Joomla-Anti-Malware-Scan-Script' target='_blank'>Project's homepage</a><br>JAMSS output is very verbose and very useful, hover over any lines to see the details!"
+COM_JEDCHECKER_ERROR_JAMSS_SUSPICIOUS_FILENAME="Suspicious filename found :"
+COM_JEDCHECKER_ERROR_JAMSS_CANNOT_OPEN="Could not check"
+COM_JEDCHECKER_ERROR_JAMSS_PATTERN="Pattern found"

source/administrator/components/com_jedchecker/libraries/rules/framework.ini

@@ -17,7 +17,7 @@
 ;
 ; ref: docs.joomla.org/Potential_backward_compatibility_issues_in_Joomla_3.0_and_Joomla_Platform_12.1
 
-
+leftover_folders=".DS_Store,.svn,.git"
 
 error_groups="directdb"
 directdb="mysql_connect,mysql_query,mysql_close,mysql_​escape_​string"

source/administrator/components/com_jedchecker/libraries/rules/framework.php

@@ -42,6 +42,8 @@ class JedcheckerRulesFramework extends JEDcheckerRule
 
 	protected $tests = false;
 
+	protected $leftover_folders;
+
 	/**
 	 * Initiates the file search and check
 	 *
@@ -50,17 +52,46 @@ class JedcheckerRulesFramework extends JEDcheckerRule
 	public function check()
 	{
 		$files = JFolder::files($this->basedir, '.php$', true, true);
+		$this->leftover_folders = explode(',', $this->params->get('leftover_folders'));
 
 		foreach ($files as $file)
 		{
-			// Process the file
-			if ($this->find($file))
+			if (!$this->excludeResource($file))
 			{
-				// Error messages are set by find() based on the errors found.
+				// Process the file
+				if ($this->find($file))
+				{
+					// Error messages are set by find() based on the errors found.
+				}
 			}
 		}
 	}
 
+	/**
+	 * Check if the given resourse is part
+	 *
+	 * @param   unknown_type  $file  The file name to test
+	 *
+	 * @return   boolean
+	 */
+	private function excludeResource($file)
+	{
+		// Warn about code versioning files included
+		$result = false;
+
+		foreach ($this->leftover_folders as $leftover_folder)
+		{
+			if (strpos($file, $leftover_folder) !== false)
+			{
+				$error_message = JText::_("COM_JEDCHECKER_ERROR_FRAMEWORK_GIT") . ":";
+				$this->report->addWarning($file, $error_message, 0);
+				$result = true;
+			}
+		}
+
+		return $result;
+	}
+
 	/**
 	 * reads a file and searches for any function defined in the params
 	 *

source/administrator/components/com_jedchecker/libraries/rules/jamss.ini

@@ -0,0 +1,19 @@
+; This is the configuration file of the Jamss rule.
+;
+; @author     Riccardo Zorn
+; @date       2014-02-22
+; @copyright  Copyright (C) 2008 - 2014 fasterjoomla.com . All rights reserved.
+; @license    GNU General Public License version 2 or later; see LICENSE
+; @site		  fasterjoomla.com
+
+; This rule runs the JAMSS checks: https://github.com/btoplak/Joomla-Anti-Malware-Scan-Script/blob/master/jamss.php
+; JAMSS description: This script should be used for searching the infected or malware/backdoor
+; files in Joomla! installations.
+; JAMSS by https://github.com/btoplak
+; no configuration here.
+
+fileExt="php|php3|php4|php5|phps|html|htaccess|gif"
+
+; These format the output:
+code="<span class='jamss_tooltip code' title='%s'>code</span>&nbsp;"
+info="<span class='jamss_tooltip info' title='%s'>info</span>&nbsp;"