Malicious-Code-Scanner
Detection of overly long lines with preview of last 100 characters of offenders.
I've added a few features to the code in order to address the problem of long lines and general speed of checking by limiting the process to just PHP files (this can easily be changed in the constant).
Here's the summary:
- Added option to disable sending of email
- Added option to display results as console output
- Added optional checking for long lines (with define to select trigger length)
- Added display of last 100 characters of long lines to help identify false positives
- Added filtering of input files so PDFs, JPGs etc can be skipped
This seems to fix issue #7.
This is a great PR with many useful additions. It's worked well for me. I have a few suggestions though:
- Increase the default 'LONG_LINE_THRESHOLD' to something much longer - right now it gives a lot of false positives (especially with WordPress)
- In the filetypes in 'FILES_TO_MATCH' you could add PHP3, PHP7 and PHPS. I realise they aren't so common, but can do no harm.
Looks good! Let me just run some tests to make sure I'm not missing anything and then will merge it in!
There seems to be an issue/typo on line 61 - the 2nd and 3rd parameters for str_pad() are reversed (or at least that's what fixed the error I was getting). Here is what worked for me with PHP 5.5.9 and 5.6.30:
$this->infected_files[] = $file."\n".str_pad('base64/eval found',30,' ',STR_PAD_LEFT)."\n";
Still testing this version of the scanner combined with @coliff's suggestions. Really like the added features!
str_pad() issue also present with PHP 7.0.18.
@mikestowe is there anything I can do to help test and push this PR through? I am working on some ideas to improve detection accuracy with the long line scan.
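A sketch of the long-line check with tail preview described in the PR summary, together with the `str_pad()` argument order raised in the comments; this is an added example, not the PR's code. The constant names `LONG_LINE_THRESHOLD` and `FILES_TO_MATCH` come from the thread, while their values, the regex form of `FILES_TO_MATCH`, the `PREVIEW_LENGTH` constant, the `scan_long_lines()` function and the sample file are assumptions made for illustration.

```php
<?php
// Added example, not the PR's code. Constant names are from the thread;
// the values and the regex form of FILES_TO_MATCH are assumptions.
define('LONG_LINE_THRESHOLD', 350);
define('FILES_TO_MATCH', '/\.(php|php3|php7|phps)$/i');
define('PREVIEW_LENGTH', 100); // hypothetical name for the 100-character preview

// Return one finding per line longer than LONG_LINE_THRESHOLD bytes.
function scan_long_lines($path)
{
    if (!preg_match(FILES_TO_MATCH, $path) || !is_readable($path)) {
        return array(); // skipped: PDFs, JPGs and other non-matching files
    }
    $handle = fopen($path, 'rb');
    if ($handle === false) {
        return array();
    }
    $findings = array();
    $number = 0;
    while (($line = fgets($handle)) !== false) {
        $number++;
        $line = rtrim($line, "\r\n");
        if (strlen($line) <= LONG_LINE_THRESHOLD) {
            continue;
        }
        // Keep only the tail, and replace non-printable bytes so the preview
        // cannot emit terminal escape sequences or break the report layout.
        $tail = substr($line, -PREVIEW_LENGTH);
        $findings[] = array(
            'line'    => $number,
            'length'  => strlen($line),
            'preview' => preg_replace('/[^\x20-\x7E]/', '.', $tail),
        );
    }
    fclose($handle);
    return $findings;
}

// Constructed sample: one line padded past the threshold, ending in an eval/base64 call.
$sample = sys_get_temp_dir() . '/long_line_sample.php';
file_put_contents($sample, "<?php\n\$a = 1;" . str_repeat(' ', 400) . "eval(base64_decode(\$x));\n");

foreach (scan_long_lines($sample) as $f) {
    // str_pad() takes: string, target length, pad string, pad type.
    echo str_pad('long line ' . $f['line'] . ':', 30, ' ', STR_PAD_LEFT), ' ', $f['length'], " bytes\n";
    echo str_pad('tail:', 30, ' ', STR_PAD_LEFT), ' ', $f['preview'], "\n";
}
unlink($sample);
```

The preview is what lets a reviewer tell a minified but benign line from one that needs a closer look, which is why a low threshold produces noise rather than missed detections.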