Book Image

PrestaShop Module Development

By : Fabien Serny
Book Image

PrestaShop Module Development

By: Fabien Serny

Overview of this book

Table of Contents (19 chapters)
PrestaShop Module Development
About the Author
About the Reviewers

Searching for malicious code in modules

When you install, configure, or improve a PrestaShop webshop, you won't code all your modules. You will probably buy modules or download free ones. In all cases, it's always good to read the code of these modules. In this section, I will show you some of the common tricks I encountered while I was working on PrestaShop modules. However, keep in mind that this list is not exhaustive.

Just one last thing before starting: do not worry!

I will make a summary of all the malicious code I encountered on PrestaShop modules, but it concerns only a very small percent of all the modules I worked on.

Checking for unusual e-mail sending

Some modules use the mail function to track which shop is using it. So, you may find this kind of code:

$message = "A new shop is using my module!\n";
$message .= $_SERVER["HTTP_HOST"]."\n";
mail("[email protected]", "New Shop", $message);

This is not very harmful. However, if the module also contains a backdoor (or any...