Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

More ini directives, functions, and forbidden parameter names. #2

Merged
merged 5 commits into from

2 participants

LB (Lincoln) Denker Sebastian Marek
LB (Lincoln) Denker

I think we could probably generalize the 5.3 sniffs and these 5.4 sniffs so that we would only need ruleset.xml files for each and then in the future would not be copying and pasting so much logic all over the place. There is likely to always be deprecated/removed ini directives, functions, etc.

For now, just some more checks.

Laura Beth L... added some commits
Laura Beth Lincoln Expand DeprecatedIniDirectiveSniff to take a list of removed ini
directives as well and publish an error when a removed directive is
encountered.
9b86658
Laura Beth Lincoln Split DeprecatedFunctionSniff into deprecated and removed so that we can
have warnings for deprecated funcations and errors for removed function.
It is possible for someone to override $error in their ruleset, but that
is them.
476a7f1
Laura Beth Lincoln Fix documentation to reflect RemovedFunctionSniff name. 4e83e2b
Laura Beth Lincoln Move RemovedFunctionsSniff to properly named file. 3d953c6
Laura Beth Lincoln Add sniff for forbidden parameter names. In 5.4: 'Parameter names that
shadow super globals now cause a fatal error.  This prohibits code like
function foo($_GET, $POST) {}.'
37ed819
Sebastian Marek proofek merged commit 2b5301e into from
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Mar 2, 2012
  1. Expand DeprecatedIniDirectiveSniff to take a list of removed ini

    Laura Beth Lincoln authored
    directives as well and publish an error when a removed directive is
    encountered.
  2. Split DeprecatedFunctionSniff into deprecated and removed so that we can

    Laura Beth Lincoln authored
    have warnings for deprecated funcations and errors for removed function.
    It is possible for someone to override $error in their ruleset, but that
    is them.
  3. Fix documentation to reflect RemovedFunctionSniff name.

    Laura Beth Lincoln authored
  4. Move RemovedFunctionsSniff to properly named file.

    Laura Beth Lincoln authored
  5. Add sniff for forbidden parameter names. In 5.4: 'Parameter names that

    Laura Beth Lincoln authored
    shadow super globals now cause a fatal error.  This prohibits code like
    function foo($_GET, $POST) {}.'
This page is out of date. Refresh to see the latest.
19 src/PHP/CodeSniffer/Standards/PHP54Compatibility/Sniffs/PHP/DeprecatedFunctionsSniff.php
View
@@ -29,7 +29,7 @@
class PHP54Compatibility_Sniffs_PHP_DeprecatedFunctionsSniff extends Generic_Sniffs_PHP_ForbiddenFunctionsSniff
{
/**
- * A list of forbidden functions with their alternatives.
+ * A list of deprecated functions with their alternatives.
*
* The value is NULL if no alternative exists. IE, the
* function should just not be used.
@@ -37,10 +37,10 @@ class PHP54Compatibility_Sniffs_PHP_DeprecatedFunctionsSniff extends Generic_Sni
* @var array(string => string|null)
*/
protected $forbiddenFunctions = array(
+ 'get_magic_quotes_gpc' => null,
+ 'get_magic_quotes_runtime' => null,
+ 'set_magic_quotes_runtime' => null,
'import_request_variables' => null,
- 'session_is_registered' => null,
- 'session_register' => null,
- 'session_unregister' => null,
);
/**
@@ -48,7 +48,7 @@ class PHP54Compatibility_Sniffs_PHP_DeprecatedFunctionsSniff extends Generic_Sni
*
* @var bool
*/
- public $error = true;
+ public $error = false;
/**
* Generates the error or wanrning for this sniff.
@@ -65,13 +65,8 @@ protected function addError($phpcsFile, $stackPtr, $function, $pattern=null)
{
$data = array($function);
$error = 'The use of function %s() is ';
- if ($this->error === true) {
- $type = 'Found';
- $error .= 'forbidden';
- } else {
- $type = 'Discouraged';
- $error .= 'discouraged';
- }
+ $type = 'Deprecated';
+ $error .= 'deprecated';
if ($pattern === null) {
$pattern = $function;
30 src/PHP/CodeSniffer/Standards/PHP54Compatibility/Sniffs/PHP/DeprecatedIniDirectivesSniff.php
View
@@ -43,7 +43,23 @@ class PHP54Compatibility_Sniffs_PHP_DeprecatedIniDirectivesSniff implements PHP_
'highlight.bg',
'register_globals',
'register_long_arrays',
- 'allow_call_time_pass_reference'
+ 'allow_call_time_pass_reference',
+ );
+
+ /**
+ * A list of removed INI directives
+ *
+ * @var array(string)
+ */
+ protected $removedIniDirectives = array(
+ 'define_syslog_variables',
+ 'register_globals',
+ 'register_long_arrays',
+ 'safe_mode',
+ 'safe_mode_exec_dir',
+ 'magic_quotes_gpc',
+ 'magic_quotes_runtime',
+ 'magic_quotes_sybase',
);
/**
@@ -87,11 +103,13 @@ public function process(PHP_CodeSniffer_File $phpcsFile, $stackPtr)
return;
}
$iniToken = $phpcsFile->findNext(T_CONSTANT_ENCAPSED_STRING, $stackPtr, null);
- if (in_array(str_replace("'", "", $tokens[$iniToken]['content']), $this->deprecatedIniDirectives) === false) {
- return;
+ $iniDirective = str_replace("'", "", $tokens[$iniToken]['content']);
+ if (in_array($iniDirective, $this->deprecatedIniDirectives) === true) {
+ $error = "[PHP 5.4] INI directive " . $tokens[$iniToken]['content'] . " is deprecated.";
+ $phpcsFile->addWarning($error, $stackPtr);
+ } else if (in_array($iniDirective, $this->removedIniDirectives) === true) {
+ $error = "[PHP 5.4] INI directive " . $tokens[$iniToken]['content'] . " is removed.";
+ $phpcsFile->addError($error, $stackPtr);
}
- $error = "[PHP 5.4] INI directive " . $tokens[$iniToken]['content'] . " is deprecated.";
-
- $phpcsFile->addWarning($error, $stackPtr);
}
}
74 src/PHP/CodeSniffer/Standards/PHP54Compatibility/Sniffs/PHP/ForbiddenParameterNamesSniff.php
View
@@ -0,0 +1,74 @@
+<?php
+/**
+ * PHP54Compatibility_Sniffs_PHP_ForbiddenParameterNameSniff.
+ *
+ * PHP version 5.4
+ *
+ * @category PHP
+ * @package PHP54Compatibility
+ * @author Sebastian Marek <proofek@gmail.com>
+ * @copyright 2012 Sebastian Marek
+ * @license http://www.opensource.org/licenses/bsd-license.php BSD License
+ * @link https://github.com/proofek/PHP54Compatibility
+ */
+
+/**
+ * PHP54Compatibility_Sniffs_PHP_ForbiddenParameterNamesSniff.
+ *
+ * Prohibits the use of particular parameter names.
+ *
+ * @category PHP
+ * @package PHP54Compatibility
+ * @author LB Denker <lb@elblinkin.info>
+ * @copyright 2012 LB Denker
+ * @license http://www.opensource.org/licenses/bsd-license.php BSD License
+ * @link https://github.com/proofek/PHP54Compatibility
+ */
+class PHP54Compatibility_Sniffs_PHP_ForbiddenParameterNamesSniff implements PHP_CodeSniffer_Sniff
+{
+
+ /**
+ * A list of forbidden parameter names.
+ *
+ * @var array(string)
+ */
+ public $forbiddenParameterNames = array(
+ '$GLOBALS',
+ '$_SERVER',
+ '$_GET',
+ '$_SET',
+ '$_FILES',
+ '$_COOKIE',
+ '$_SESSION',
+ '$_REQUEST',
+ '$_ENV',
+ );
+ /**
+ * Returns an array of tokens this test wants to listen for.
+ *
+ * @return array
+ */
+ public function register()
+ {
+ return array(T_FUNCTION);
+ }
+
+ /**
+ * Processes this test, when one of its tokens is encountered.
+ *
+ * @param PHP_CodeSniffer_File $phpcsFile The file being scanned.
+ * @param int $stackPtr The position of the current token in the
+ * stack passed in $tokens.
+ *
+ * @return void
+ */
+ public function process(PHP_CodeSniffer_File $phpcsFile, $stackPtr)
+ {
+ foreach ($phpcsFile->getMethodParameters($stackPtr) as $param) {
+ if (in_array($param, $this->forbiddenParameterNames) === true) {
+ $error = "[PHP 5.4] $param is not a valid parameter name.";
+ $phpcsFile->addError($error, $stackPtr);
+ }
+ }
+ }
+}
96 src/PHP/CodeSniffer/Standards/PHP54Compatibility/Sniffs/PHP/RemovedFunctionsSniff.php
View
@@ -0,0 +1,96 @@
+<?php
+/**
+ * PHP54Compatibility_Sniffs_PHP_RemovedFunctionsSniff.
+ *
+ * This is based on Wim Godden's PHP53Compatibility code sniffs.
+ * See [blog](http://techblog.wimgodden.be/tag/codesniffer) and
+ * [github](https://github.com/wimg/PHP53Compat_CodeSniffer).
+ *
+ * PHP version 5.4
+ *
+ * @category PHP
+ * @package PHP54Compatibility
+ * @author Sebastian Marek <proofek@gmail.com>
+ * @copyright 2012 Sebastian Marek
+ * @license http://www.opensource.org/licenses/bsd-license.php BSD License
+ * @link https://github.com/proofek/PHP54Compatibility
+ */
+
+/**
+ * PHP54Compatibility_Sniffs_PHP_RemovedFunctionsSniff.
+ *
+ * @category PHP
+ * @package PHP54Compatibility
+ * @author Sebastian Marek <proofek@gmail.com>
+ * @copyright 2012 Sebastian Marek
+ * @license http://www.opensource.org/licenses/bsd-license.php BSD License
+ * @link https://github.com/proofek/PHP54Compatibility
+ */
+class PHP54Compatibility_Sniffs_PHP_RemovedFunctionsSniff extends Generic_Sniffs_PHP_ForbiddenFunctionsSniff
+{
+ /**
+ * A list of forbidden functions with their alternatives.
+ *
+ * The value is NULL if no alternative exists. IE, the
+ * function should just not be used.
+ *
+ * @var array(string => string|null)
+ */
+ protected $forbiddenFunctions = array(
+ 'define_syslog_vairables' => null,
+ 'import_request_variables' => null,
+ 'session_is_registered' => null,
+ 'session_register' => null,
+ 'session_unregister' => null,
+ 'mysqli_bind_param' => null,
+ 'mysqli_bind_result' => null,
+ 'mysqli_client_encoding' => null,
+ 'mysqli_fetch' => null,
+ 'mysqli_param_count' => null,
+ 'mysqli_get_metadata' => null,
+ 'mysqli_send_long_data' => null,
+ );
+
+ /**
+ * If true, an error will be thrown; otherwise a warning.
+ *
+ * @var bool
+ */
+ public $error = true;
+
+ /**
+ * Generates the error or wanrning for this sniff.
+ *
+ * @param PHP_CodeSniffer_File $phpcsFile The file being scanned.
+ * @param int $stackPtr The position of the forbidden function
+ * in the token array.
+ * @param string $function The name of the forbidden function.
+ * @param string $pattern The pattern used for the match.
+ *
+ * @return void
+ */
+ protected function addError($phpcsFile, $stackPtr, $function, $pattern=null)
+ {
+ $data = array($function);
+ $error = 'The use of function %s() is ';
+ $type = 'Removed';
+ $error .= 'removed';
+
+ if ($pattern === null) {
+ $pattern = $function;
+ }
+
+ if ($this->forbiddenFunctions[$pattern] !== null) {
+ $type .= 'WithAlternative';
+ $data[] = $this->forbiddenFunctions[$pattern];
+ $error .= '; use %s() instead';
+ }
+
+ if ($this->error === true) {
+ $phpcsFile->addError("[PHP 5.4] $error", $stackPtr, $type, $data);
+ } else {
+ $phpcsFile->addWarning("[PHP 5.4] $error", $stackPtr, $type, $data);
+ }
+
+ }
+}
Something went wrong with that request. Please try again.