-
Notifications
You must be signed in to change notification settings - Fork 44
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add Theme forbidden functions sniff + unit tests.
- Loading branch information
Showing
4 changed files
with
151 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,72 @@ | ||
| <?php | ||
| /** | ||
| * WordPress_Sniffs_Theme_RestrictedPHPFunctionsSniff. | ||
| * | ||
| * Forbids the use of certain exec and obfuscation functions within Themes. | ||
| * | ||
| * @category Theme | ||
| * @package PHP_CodeSniffer | ||
| * @author Juliette Reinders Folmer <wpplugins_nospam@adviesenzo.nl> | ||
| */ | ||
| class WordPress_Sniffs_Theme_RestrictedPHPFunctionsSniff extends WordPress_Sniffs_Functions_FunctionRestrictionsSniff { | ||
|
|
||
| /** | ||
| * Groups of functions to restrict | ||
| * | ||
| * Example: groups => array( | ||
| * 'lambda' => array( | ||
| * 'type' => 'error' | 'warning', | ||
| * 'message' => 'Use anonymous functions instead please!', | ||
| * 'functions' => array( 'eval', 'create_function' ), | ||
| * ) | ||
| * ) | ||
| * | ||
| * @return array | ||
| */ | ||
| public function getGroups() { | ||
| return array( | ||
|
|
||
| 'eval' => array( | ||
| 'type' => 'error', | ||
| 'message' => '%s() is not allowed.', | ||
| 'functions' => array( | ||
| 'eval', | ||
| ), | ||
| ), | ||
|
|
||
| 'system_calls' => array( | ||
| 'type' => 'error', | ||
| 'message' => 'PHP system calls are often disabled by server admins and should not be in themes. Found %s.', | ||
| 'functions' => array( | ||
| 'exec', | ||
| 'passthru', | ||
| 'proc_open', | ||
| 'shell_exec', | ||
| 'system', | ||
| 'popen', | ||
| ), | ||
| ), | ||
|
|
||
| 'ini_set' => array( | ||
| 'type' => 'error', | ||
| 'message' => '%s is prohibited, themes should not change server PHP settings.', | ||
| 'functions' => array( | ||
| 'ini_set', | ||
| ), | ||
| ), | ||
|
|
||
| 'obfuscation' => array( | ||
| 'type' => 'error', | ||
| 'message' => '%s() is not allowed.', | ||
| 'functions' => array( | ||
| 'base64_decode', | ||
| 'base64_encode', | ||
| 'convert_uudecode', | ||
| 'convert_uuencode', | ||
| 'str_rot13', | ||
| ), | ||
| ), | ||
| ); | ||
|
|
||
| } | ||
| } // end class |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| <?php | ||
|
|
||
| // Obfuscation and evil functions. | ||
| base64_decode( 'VGhpcyBpcyBhbiBlbmNvZGVkIHN0cmluZw=='); | ||
| base64_encode( 'This is an encoded string' ); | ||
| convert_uudecode( "+22!L;W9E(%!(4\"$`\n`" ); | ||
| convert_uuencode( "test\ntext text\r\n" ); | ||
| str_rot13( 'The quick brown fox jumps over the lazy dog.' ); | ||
| eval( "\$str = \"$str\";" ); | ||
|
|
||
| // Themes should not change server PHP settings. | ||
| ini_set( 'memory_limit' ); | ||
|
|
||
| // PHP system calls are often disabled by server admins and should not be in themes. | ||
| exec( 'whoami' ); | ||
| passthru( 'cat myfile.zip', $err ); | ||
| $process = proc_open( 'php', $descriptorspec, $pipes, $cwd, $env ); | ||
| $output = shell_exec( 'ls -lart' ); | ||
| $last_line = system( 'ls', $retval ); | ||
| $handle = popen( '/bin/ls', 'r' ); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| <?php | ||
| /** | ||
| * Unit test class for the Theme_RestrictedPHPFunctions sniff. | ||
| * | ||
| * A sniff unit test checks a .inc file for expected violations of a single | ||
| * coding standard. Expected errors and warnings are stored in this class. | ||
| * | ||
| * @category Theme | ||
| * @package PHP_CodeSniffer | ||
| * @author Juliette Reinders Folmer <wpplugins_nospam@adviesenzo.nl> | ||
| */ | ||
| class WordPress_Tests_Theme_RestrictedPHPFunctionsUnitTest extends AbstractSniffUnitTest { | ||
|
|
||
| /** | ||
| * Returns the lines where errors should occur. | ||
| * | ||
| * The key of the array should represent the line number and the value | ||
| * should represent the number of errors that should occur on that line. | ||
| * | ||
| * @return array(int => int) | ||
| */ | ||
| public function getErrorList() { | ||
| return array( | ||
| 4 => 1, | ||
| 5 => 1, | ||
| 6 => 1, | ||
| 7 => 1, | ||
| 8 => 1, | ||
| 9 => 1, | ||
| 12 => 1, | ||
| 15 => 1, | ||
| 16 => 1, | ||
| 17 => 1, | ||
| 18 => 1, | ||
| 19 => 1, | ||
| 20 => 1, | ||
| ); | ||
|
|
||
| } // end getErrorList() | ||
|
|
||
|
|
||
| /** | ||
| * Returns the lines where warnings should occur. | ||
| * | ||
| * The key of the array should represent the line number and the value | ||
| * should represent the number of warnings that should occur on that line. | ||
| * | ||
| * @return array(int => int) | ||
| */ | ||
| public function getWarningList() { | ||
| return array(); | ||
|
|
||
| } // end getWarningList() | ||
|
|
||
| } // end class |