-
Notifications
You must be signed in to change notification settings - Fork 1.5k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' of https://github.com/Morerice/PHP_CodeSniffer
- Loading branch information
Showing
5 changed files
with
132 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
7 changes: 7 additions & 0 deletions
7
src/Standards/Generic/Docs/PHP/DisallowRequestSuperGlobalStandard.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| <documentation title="$_REQUEST Super Global"> | ||
| <standard> | ||
| <![CDATA[ | ||
| $_REQUEST should never be used due to the ambiguity created to identify where the data is coming from. Use $_POST, $_GET or $_COOKIE instead | ||
| ]]> | ||
| </standard> | ||
| </documentation> |
54 changes: 54 additions & 0 deletions
54
src/Standards/Generic/Sniffs/PHP/DisallowRequestSuperGlobalSniff.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,54 @@ | ||
| <?php | ||
| /** | ||
| * Ensures the $_REQUEST super global is not used | ||
| * | ||
| * @author Jeantwan Teuma <jeant.m24@gmail.com> | ||
| * @copyright 2006-2019 Squiz Pty Ltd (ABN 77 084 670 600) | ||
| * @license https://github.com/squizlabs/PHP_CodeSniffer/blob/master/licence.txt BSD Licence | ||
| */ | ||
|
|
||
| namespace PHP_CodeSniffer\Standards\Generic\Sniffs\PHP; | ||
|
|
||
| use PHP_CodeSniffer\Files\File; | ||
| use PHP_CodeSniffer\Sniffs\Sniff; | ||
|
|
||
| class DisallowRequestSuperGlobalSniff implements Sniff | ||
| { | ||
|
|
||
|
|
||
| /** | ||
| * Returns an array of tokens this test wants to listen for. | ||
| * | ||
| * @return array | ||
| */ | ||
| public function register() | ||
| { | ||
| return [T_VARIABLE]; | ||
|
|
||
| }//end register() | ||
|
|
||
|
|
||
| /** | ||
| * Processes this sniff, when one of its tokens is encountered. | ||
| * | ||
| * @param File $phpcsFile The file being scanned. | ||
| * @param int $stackPtr The position of the current token in the stack passed in $tokens. | ||
| * | ||
| * @return void | ||
| */ | ||
| public function process(File $phpcsFile, $stackPtr) | ||
| { | ||
| $tokens = $phpcsFile->getTokens(); | ||
|
|
||
| $varName = $tokens[$stackPtr]['content']; | ||
| if ($varName !== '$_REQUEST') { | ||
| return; | ||
| } | ||
|
|
||
| $error = 'The $_REQUEST super global should not be used. Use $_GET, $_POST or $_COOKIE instead'; | ||
| $phpcsFile->addError($error, $stackPtr, 'Found'); | ||
|
|
||
| }//end process() | ||
|
|
||
|
|
||
| }//end class |
16 changes: 16 additions & 0 deletions
16
src/Standards/Generic/Tests/PHP/DisallowRequestSuperGlobalUnitTest.inc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| <?php | ||
| echo $_REQUEST['action']; | ||
|
|
||
| echo '$_REQUEST'; | ||
|
|
||
| echo $_POST['action']; | ||
|
|
||
| echo $_GET[$action]; | ||
|
|
||
| echo $_COOKIE['action']; | ||
|
|
||
| $sample = Util::getArrayIndex($_REQUEST, 'sample', ''); | ||
| $syntax = Util::getArrayIndex($_REQUEST, 'syntax', ''); | ||
| $value = Util::getArrayIndex($_FILES, $key, $default); | ||
|
|
||
| ?> |
51 changes: 51 additions & 0 deletions
51
src/Standards/Generic/Tests/PHP/DisallowRequestSuperGlobalUnitTest.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,51 @@ | ||
| <?php | ||
| /** | ||
| * Unit test class for the DisallowRequestSuperGlobal sniff. | ||
| * | ||
| * @author Jeantwan Teuma <jeant.m24@gmail.com> | ||
| * @copyright 2006-2019 Squiz Pty Ltd (ABN 77 084 670 600) | ||
| * @license https://github.com/squizlabs/PHP_CodeSniffer/blob/master/licence.txt BSD Licence | ||
| */ | ||
| namespace PHP_CodeSniffer\Standards\Generic\Tests\PHP; | ||
|
|
||
| use PHP_CodeSniffer\Tests\Standards\AbstractSniffUnitTest; | ||
|
|
||
| class DisallowRequestSuperGlobalUnitTest extends AbstractSniffUnitTest | ||
| { | ||
|
|
||
|
|
||
| /** | ||
| * Returns the lines where errors should occur. | ||
| * | ||
| * The key of the array should represent the line number and the value | ||
| * should represent the number of errors that should occur on that line. | ||
| * | ||
| * @return array<int, int> | ||
| */ | ||
| protected function getErrorList() | ||
| { | ||
| return [ | ||
| 2 => 1, | ||
| 12 => 1, | ||
| 13 => 1, | ||
| ]; | ||
|
|
||
| }//end getErrorList() | ||
|
|
||
|
|
||
| /** | ||
| * Returns the lines where warnings should occur. | ||
| * | ||
| * The key of the array should represent the line number and the value | ||
| * should represent the number of warnings that should occur on that line. | ||
| * | ||
| * @return array<int, int> | ||
| */ | ||
| protected function getWarningList() | ||
| { | ||
| return []; | ||
|
|
||
| }//end getWarningList() | ||
|
|
||
|
|
||
| }//end class |