├── .gitignore ├── .travis.yml ├── LICENSE ├── MEQP └── Utils │ └── Helper.php ├── MEQP1 ├── README.md ├── Sniffs │ ├── Classes │ │ ├── Mysql4Sniff.php │ │ ├── ObjectInstantiationSniff.php │ │ └── ResourceModelSniff.php │ ├── CodeAnalysis │ │ └── EmptyBlockSniff.php │ ├── Exceptions │ │ ├── DirectThrowSniff.php │ │ └── NamespaceSniff.php │ ├── PHP │ │ ├── GotoSniff.php │ │ ├── PrivateClassMemberSniff.php │ │ ├── SyntaxSniff.php │ │ └── VarSniff.php │ ├── Performance │ │ ├── CollectionCountSniff.php │ │ ├── EmptyCheckSniff.php │ │ ├── InefficientMethodsSniff.php │ │ └── LoopSniff.php │ ├── SQL │ │ ├── MissedIndexesSniff.php │ │ ├── RawQuerySniff.php │ │ └── SlowQuerySniff.php │ ├── Security │ │ ├── AclSniff.php │ │ ├── DiscouragedFunctionSniff.php │ │ ├── IncludeFileSniff.php │ │ ├── InsecureFunctionSniff.php │ │ ├── LanguageConstructSniff.php │ │ └── SuperglobalSniff.php │ ├── Stdlib │ │ └── DateTimeSniff.php │ ├── Strings │ │ ├── RegExSniff.php │ │ ├── StringConcatSniff.php │ │ └── StringPositionSniff.php │ └── Templates │ │ └── XssTemplateSniff.php ├── Tests │ ├── Classes │ │ ├── Mysql4UnitTest.inc │ │ ├── Mysql4UnitTest.php │ │ ├── ObjectInstantiationUnitTest.inc │ │ ├── ObjectInstantiationUnitTest.php │ │ ├── ResourceModelUnitTest.inc │ │ └── ResourceModelUnitTest.php │ ├── CodeAnalysis │ │ ├── EmptyBlockUnitTest.inc │ │ └── EmptyBlockUnitTest.php │ ├── Exceptions │ │ ├── DirectThrowUnitTest.inc │ │ ├── DirectThrowUnitTest.php │ │ ├── NamespaceUnitTest.inc │ │ └── NamespaceUnitTest.php │ ├── PHP │ │ ├── GotoUnitTest.inc │ │ ├── GotoUnitTest.php │ │ ├── PrivateClassMemberUnitTest.inc │ │ ├── PrivateClassMemberUnitTest.php │ │ ├── SyntaxUnitTest.inc │ │ ├── SyntaxUnitTest.php │ │ ├── VarUnitTest.inc │ │ └── VarUnitTest.php │ ├── Performance │ │ ├── CollectionCountUnitTest.inc │ │ ├── CollectionCountUnitTest.php │ │ ├── EmptyCheckUnitTest.inc │ │ ├── EmptyCheckUnitTest.php │ │ ├── InefficientMethodsUnitTest.inc │ │ ├── InefficientMethodsUnitTest.php │ │ ├── 
LoopUnitTest.inc │ │ └── LoopUnitTest.php │ ├── SQL │ │ ├── MissedIndexesUnitTest.inc │ │ ├── MissedIndexesUnitTest.php │ │ ├── RawQueryUnitTest.inc │ │ ├── RawQueryUnitTest.php │ │ ├── SlowQueryUnitTest.inc │ │ └── SlowQueryUnitTest.php │ ├── Security │ │ ├── AclUnitTest.inc │ │ ├── AclUnitTest.php │ │ ├── DiscouragedFunctionUnitTest.inc │ │ ├── DiscouragedFunctionUnitTest.php │ │ ├── IncludeFileUnitTest.inc │ │ ├── IncludeFileUnitTest.php │ │ ├── InsecureFunctionUnitTest.inc │ │ ├── InsecureFunctionUnitTest.php │ │ ├── LanguageConstructUnitTest.inc │ │ ├── LanguageConstructUnitTest.php │ │ ├── SuperglobalUnitTest.inc │ │ └── SuperglobalUnitTest.php │ ├── Stdlib │ │ ├── DateTimeUnitTest.inc │ │ └── DateTimeUnitTest.php │ ├── Strings │ │ ├── RegExUnitTest.inc │ │ ├── RegExUnitTest.php │ │ ├── StringConcatUnitTest.inc │ │ ├── StringConcatUnitTest.php │ │ ├── StringPositionUnitTest.inc │ │ └── StringPositionUnitTest.php │ └── Templates │ │ ├── XssTemplateUnitTest.inc │ │ └── XssTemplateUnitTest.php └── ruleset.xml ├── README.md ├── composer.json ├── composer.lock └── phpunit.xml.dist /.gitignore: -------------------------------------------------------------------------------- 1 | /cache/* 2 | /vendor/* 3 | 4 | # IDE 5 | /.idea/* 6 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: php 2 | php: 3 | - 5.5 4 | - 5.6 5 | - 7.0 6 | - 7.1 7 | install: composer install --no-interaction --prefer-source 8 | script: 9 | - vendor/bin/phpunit vendor/squizlabs/php_codesniffer/tests/AllTests.php 10 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2016 Magento 2 | 3 | Permission is hereby granted, free of charge, to any person obtaining a copy 4 | of this software and associated documentation files (the 
"Software"), to deal 5 | in the Software without restriction, including without limitation the rights 6 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 7 | copies of the Software, and to permit persons to whom the Software is 8 | furnished to do so, subject to the following conditions: 9 | 10 | The above copyright notice and this permission notice shall be included in 11 | all copies or substantial portions of the Software. 12 | 13 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 14 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 15 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 16 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 17 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 18 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 19 | THE SOFTWARE. 20 | -------------------------------------------------------------------------------- /MEQP/Utils/Helper.php: -------------------------------------------------------------------------------- 1 | getTokens(); 28 | $startIndex = $file->findNext(T_STRING, $startIndex); 29 | while ($startIndex !== false) { 30 | $prevIndex = $file->findPrevious([T_WHITESPACE], $startIndex - 1, null, true); 31 | $prevCode = $tokens[$prevIndex]['code']; 32 | $nextIndex = $file->findNext([T_WHITESPACE], $startIndex + 1, null, true); 33 | $nextCode = $tokens[$nextIndex]['code']; 34 | if (($prevCode == T_OBJECT_OPERATOR || $prevCode == T_DOUBLE_COLON) 35 | && $nextCode == T_OPEN_PARENTHESIS 36 | ) { 37 | $methods[$startIndex] = $tokens[$startIndex]; 38 | } 39 | $startIndex = $file->findNext(T_STRING, $startIndex + 1); 40 | } 41 | return $methods; 42 | } 43 | } 44 | -------------------------------------------------------------------------------- /MEQP1/README.md: -------------------------------------------------------------------------------- 1 | # 
Magento 1 2 | 3 | If you run PHP_CodeSniffer without specifying a coding standard, PHP_CodeSniffer will look for a file called either `phpcs.xml` or `phpcs.xml.dist`. If found, configuration information will be read from this file, including the files to check, the coding standard to use, and any command line arguments to apply. 4 | 5 | ## Default Configuration 6 | 7 | 1. Add the `phpcs.xml` configuration file, e.g: 8 | 9 | ``` 10 | 11 | 12 | Code Sniffer Configuration 13 | app/ 14 | 15 | 16 | 17 | ``` 18 | 1. Update `composer.json` with: 19 | 20 | ``` 21 | { 22 | [...] 23 | "require-dev": { 24 | "magento/marketplace-eqp": "dev-master" 25 | }, 26 | "scripts": { 27 | "post-install-cmd": [ 28 | "vendor/bin/phpcs --config-set default_standard MEQP1", 29 | "vendor/bin/phpcs --config-set installed_paths \"$(pwd)/vendor/magento/marketplace-eqp\"", 30 | "vendor/bin/phpcs --config-set php5.5_path \"$(which php)\"" 31 | ] 32 | }, 33 | "extra": { 34 | "exclude": [ 35 | "phpcs.xml" 36 | ] 37 | }, 38 | "repositories": [ 39 | { 40 | "type": "vcs", 41 | "url": "https://github.com/magento/marketplace-eqp.git" 42 | } 43 | ] 44 | } 45 | ``` 46 | 1. 
Updates the dependencies in `composer.lock`: 47 | 48 | ``` 49 | composer update 50 | ``` 51 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Classes/Mysql4Sniff.php: -------------------------------------------------------------------------------- 1 | getTokens()[$ptr]['content'], $this->deprecatedSuffix) !== false) { 60 | $phpcsFile->addWarning($this->warningMessage, $ptr, $this->warningCode, [], $this->severity); 61 | return true; 62 | } 63 | return false; 64 | }; 65 | $next = $phpcsFile->findNext(T_STRING, $stackPtr + 1); 66 | $res = $check($next); 67 | if (!$res) { 68 | $extends = $phpcsFile->findNext(T_EXTENDS, $next + 1); 69 | if ($extends !== false) { 70 | $afterExtends = $phpcsFile->findNext(T_STRING, $extends + 1); 71 | $check($afterExtends); 72 | } 73 | } 74 | } 75 | } 76 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Classes/ObjectInstantiationSniff.php: -------------------------------------------------------------------------------- 1 | findNext(T_STRING, $stackPtr + 1); 69 | $className = $phpcsFile->getTokens()[$next]['content']; 70 | if (preg_match('/^(' . implode( 71 | '|', 72 | $this->disallowedClassPrefixes 73 | ) . ')((?!' . $this->allowedClassPart . 
').)*$/i', $className)) { 74 | $phpcsFile->addWarning($this->warningMessage, $stackPtr, $this->warningCode, [$className], $this->severity); 75 | } 76 | } 77 | } 78 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Classes/ResourceModelSniff.php: -------------------------------------------------------------------------------- 1 | getTokens()[$stackPtr]['content']; 97 | static $fileName; 98 | static $calledMethods; 99 | if ($fileName != $phpcsFile->getFilename()) { 100 | $fileName = $phpcsFile->getFilename(); 101 | $calledMethods = array_flip(array_map(function ($element) { 102 | return $element['content']; 103 | }, $this->getCalledMethods($phpcsFile))); 104 | } 105 | if (isset($calledMethods[$methodName]) 106 | && in_array($methodName, $this->disallowedMethods) 107 | && !$this->isInResourceModel($phpcsFile) 108 | ) { 109 | $phpcsFile->addWarning( 110 | $this->warningMessage, 111 | $stackPtr, 112 | $this->warningCode, 113 | [strtoupper($methodName)], 114 | $this->severity 115 | ); 116 | } 117 | } 118 | 119 | /** 120 | * Needed pointer to search. Can be class for M1 or namespace for M2. 121 | * 122 | * @param File $phpcsFile 123 | * @return mixed 124 | */ 125 | protected function getNeededPointer(File $phpcsFile) 126 | { 127 | $tokens = $phpcsFile->getTokens(); 128 | return array_search($this->token, array_map(function ($element) { 129 | return $element['code']; 130 | }, $tokens)); 131 | } 132 | 133 | /** 134 | * Check if class is Resource Model. 
135 | * 136 | * @param File $phpcsFile 137 | * @return bool 138 | */ 139 | protected function isInResourceModel(File $phpcsFile) 140 | { 141 | $neededPointer = $this->getNeededPointer($phpcsFile); 142 | if ($neededPointer !== false) { 143 | $classPointer = $phpcsFile->findNext(T_STRING, $neededPointer + 1); 144 | if ($classPointer !== false) { 145 | $className = $phpcsFile->getTokens()[$classPointer]['content']; 146 | return $this->isInResourceModelFlag($className); 147 | } 148 | } 149 | return false; 150 | } 151 | 152 | /** 153 | * Check if string contains substring. 154 | * 155 | * @param string $stringToSearch 156 | * @return bool 157 | */ 158 | protected function isInResourceModelFlag($stringToSearch) 159 | { 160 | return strpos($stringToSearch, $this->resourceModel) !== false; 161 | } 162 | } 163 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/CodeAnalysis/EmptyBlockSniff.php: -------------------------------------------------------------------------------- 1 | getTokens(); 53 | $endOfStatement = $phpcsFile->findEndOfStatement($stackPtr); 54 | $posOfException = $phpcsFile->findNext(T_STRING, $stackPtr, $endOfStatement); 55 | if ($tokens[$posOfException]['content'] === 'Exception') { 56 | $phpcsFile->addWarning( 57 | $this->warningMessage, 58 | $stackPtr, 59 | $this->warningCode, 60 | $posOfException, 61 | $this->severity 62 | ); 63 | } 64 | } 65 | } 66 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Exceptions/NamespaceSniff.php: -------------------------------------------------------------------------------- 1 | findNext(T_NAMESPACE, 0) === false) { 52 | return; 53 | } 54 | 55 | $tokens = $phpcsFile->getTokens(); 56 | $endOfStatement = $phpcsFile->findEndOfStatement($stackPtr); 57 | $posOfExceptionClassName = $phpcsFile->findNext(T_STRING, $stackPtr, $endOfStatement); 58 | $posOfNsSeparator = $phpcsFile->findNext(T_NS_SEPARATOR, $stackPtr, 
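$posOfExceptionClassName); 59 | if ($posOfNsSeparator === false && $posOfExceptionClassName !== false) { 60 | $exceptionClassName = trim($tokens[$posOfExceptionClassName]['content']); 61 | $posOfClassInUse = $phpcsFile->findNext(T_STRING, 0, $stackPtr, false, $exceptionClassName); 62 | if ($posOfClassInUse === false || $tokens[$posOfClassInUse]['level'] != 0) { 63 | $phpcsFile->addError( 64 | $this->errorMessage, 65 | $stackPtr, 66 | $this->errorCode, 67 | $exceptionClassName, 68 | $this->severity 69 | ); 70 | } 71 | } 72 | } 73 | } 74 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/PHP/GotoSniff.php: -------------------------------------------------------------------------------- 1 | addError($this->errorMessage, $stackPtr, $this->errorCode, [], $this->severity); 52 | } 53 | } 54 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/PHP/PrivateClassMemberSniff.php: -------------------------------------------------------------------------------- 1 | addWarning($this->warningMessage, $stackPtr, $this->warningCode, [], $this->severity); 52 | } 53 | } 54 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/PHP/SyntaxSniff.php: -------------------------------------------------------------------------------- 1 | execute($phpcsFile, $phpPath); 48 | }//end process() 49 |
    /**
     * Lint the scanned file with the PHP CLI and report the first syntax error found.
     *
     * @param File        $phpcsFile The file being scanned.
     * @param string|null $phpPath   Path to the PHP binary; when null, PHP_BINARY is used if it is defined.
     *
     * @return int|void Pointer past the last token so the rest of the file is skipped;
     *                  nothing when no PHP binary can be determined.
     */
    protected function execute(File $phpcsFile, $phpPath)
    {
        if ($phpPath === null) {
            // PHP_BINARY is available in PHP 5.4+.
            if (defined('PHP_BINARY') === true) {
                $phpPath = PHP_BINARY;
            } else {
                return;
            }
        }
        $fileName = $phpcsFile->getFilename();
        // The file name comes from the code base being scanned and ends up on a shell
        // command line: quote it with escapeshellarg() rather than interpolating it between
        // double quotes, where $(...), backticks or an embedded quote would be interpreted.
        $cmd = escapeshellcmd($phpPath) . ' -l ' . escapeshellarg($fileName) . ' 2>&1';
        $output = shell_exec($cmd);

        $matches = [];
        // shell_exec() yields null when the command produced no output; cast before trimming.
        if (preg_match('/^.*error:(.*) in .* on line ([0-9]+)/', trim((string)$output), $matches) === 1) {
            $error = trim($matches[1]);
            $line = (int)$matches[2];
            $phpcsFile->addErrorOnLine($this->errorMessage, $line, $this->errorCode, [$error], $this->severity);
        }

        // Ignore the rest of the file.
        return ($phpcsFile->numTokens + 1);
    }
74 | } 75 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/PHP/VarSniff.php: -------------------------------------------------------------------------------- 1 | addWarning($this->warningMessage, $stackPtr, $this->warningCode, [], $this->severity); 52 | } 53 | } 54 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Performance/CollectionCountSniff.php: -------------------------------------------------------------------------------- 1 | getTokens(); 59 | if (!in_array($tokens[$stackPtr]['content'], $this->methods)) { 60 | return; 61 | } 62 | $prevToken = $phpcsFile->findPrevious(T_WHITESPACE, $stackPtr - 1, null, true); 63 | if ($tokens[$prevToken]['code'] !== T_OBJECT_OPERATOR) { 64 | return; 65 | } 66 | $prevPrevToken = $phpcsFile->findPrevious( 67 | [ 68 | T_WHITESPACE, 69 | T_OPEN_PARENTHESIS, 70 | T_CLOSE_PARENTHESIS, 71 | ], 72 | $prevToken - 1, 73 | null, 74 | true 75 | ); 76 | if (($tokens[$prevPrevToken]['code'] === T_VARIABLE || $tokens[$prevPrevToken]['code'] === T_STRING) 77 | && stripos($tokens[$prevPrevToken]['content'], 'collection') !== false 78 | ) { 79 | $phpcsFile->addWarning($this->warningMessage, $stackPtr, $this->warningCode, [], $this->severity); 80 | } 81 | } 82 | } 83 | 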
-------------------------------------------------------------------------------- /MEQP1/Sniffs/Performance/EmptyCheckSniff.php: -------------------------------------------------------------------------------- 1 | [ 39 | 'message' => 'count(...) function should not be used to check if array is empty. Use empty(...) language construct instead', 40 | 'code' => 'FoundCount' 41 | ], 42 | 'strlen' => [ 43 | 'message' => 'strlen(...) function should not be used to check if string is empty. Consider replace with $... (=/!)== ""', 44 | 'code' => 'FoundStrlen' 45 | ], 46 | ]; 47 | // @codingStandardsIgnoreEnd 48 | 49 | /** 50 | * List of comparison operators that are used to check if statement is empty. 51 | * 52 | * @var array 53 | */ 54 | protected $comparisonOperators = [ 55 | T_GREATER_THAN, 56 | T_IS_NOT_IDENTICAL, 57 | T_IS_NOT_EQUAL 58 | ]; 59 | 60 | /** 61 | * List of all other comparison operators that can follow the statement. 62 | * 63 | * @var array 64 | */ 65 | protected $otherComparisonOperators = [ 66 | T_IS_GREATER_OR_EQUAL, 67 | T_LESS_THAN, 68 | T_IS_SMALLER_OR_EQUAL, 69 | T_IS_IDENTICAL, 70 | T_IS_EQUAL 71 | ]; 72 | 73 | /** 74 | * List of logic operators that show an end of condition. 
75 | * 76 | * @var array 77 | */ 78 | protected $logicOperators = [ 79 | T_BOOLEAN_AND, 80 | T_BOOLEAN_OR, 81 | T_LOGICAL_AND, 82 | T_LOGICAL_OR 83 | ]; 84 | 85 | /** 86 | * @inheritdoc 87 | */ 88 | public function register() 89 | { 90 | return [T_IF, T_ELSEIF]; 91 | } 92 | 93 | /** 94 | * @inheritdoc 95 | */ 96 | public function process(File $phpcsFile, $stackPtr) 97 | { 98 | $this->tokens = $phpcsFile->getTokens(); 99 | $functionPosition = $this->findFunctionPosition($stackPtr); 100 | if ($functionPosition !== false 101 | && array_key_exists('nested_parenthesis', $this->tokens[$functionPosition]) 102 | ) { 103 | $openParenthesisPosition = key($this->tokens[$functionPosition]['nested_parenthesis']); 104 | $endOfStatementPosition = $this->tokens[$openParenthesisPosition]['parenthesis_closer']; 105 | $nextOperatorPosition = $phpcsFile->findNext( 106 | $this->logicOperators, 107 | $functionPosition, 108 | $endOfStatementPosition 109 | ); 110 | if ($nextOperatorPosition !== false) { 111 | $endOfStatementPosition = $nextOperatorPosition; 112 | } 113 | $operatorPosition = $phpcsFile->findNext( 114 | $this->comparisonOperators, 115 | $functionPosition, 116 | $endOfStatementPosition 117 | ); 118 | $code = $this->map[$this->tokens[$functionPosition]['content']]['code']; 119 | $message = $this->map[$this->tokens[$functionPosition]['content']]['message']; 120 | if ($operatorPosition !== false) { 121 | if ($phpcsFile->findNext(T_LNUMBER, $operatorPosition, $endOfStatementPosition, false, '0') !== false) { 122 | $phpcsFile->addWarning($message, $stackPtr, $code, [], $this->severity); 123 | } 124 | } else { 125 | // @codingStandardsIgnoreLine 126 | if ($phpcsFile->findNext($this->otherComparisonOperators, $functionPosition, $endOfStatementPosition) === false) { 127 | $phpcsFile->addWarning($message, $stackPtr, $code, [], $this->severity); 128 | } 129 | } 130 | } 131 | } 132 | 133 | /** 134 | * Find the position of discouraged function between parenthesis. 
135 | * 136 | * @param int $index 137 | * @return mixed 138 | */ 139 | private function findFunctionPosition($index) 140 | { 141 | // @codingStandardsIgnoreLine 142 | for ($i = $this->tokens[$index]['parenthesis_opener'] + 1; $i < $this->tokens[$index]['parenthesis_closer']; $i++) { 143 | if (array_key_exists($this->tokens[$i]['content'], $this->map)) { 144 | return $i; 145 | } 146 | } 147 | return false; 148 | } 149 | } 150 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Performance/InefficientMethodsSniff.php: -------------------------------------------------------------------------------- 1 | [ 31 | 'message' => '%s does not limit the result of collection load to one item.', 32 | 'code' => 'FoundGetFirstItem' 33 | ], 34 | 'fetchall' => [ 35 | 'message' => '%s can be memory inefficient for large data sets.', 36 | 'code' => 'FoundFetchAll' 37 | ], 38 | ]; 39 | 40 | /** 41 | * @inheritdoc 42 | */ 43 | public function register() 44 | { 45 | return [T_OBJECT_OPERATOR, T_DOUBLE_COLON]; 46 | } 47 | 48 | /** 49 | * @inheritdoc 50 | */ 51 | public function process(File $phpcsFile, $stackPtr) 52 | { 53 | $tokens = $phpcsFile->getTokens(); 54 | $posOfMethod = $phpcsFile->findNext(T_STRING, $stackPtr + 1); 55 | $methodName = strtolower($tokens[$posOfMethod]['content']); 56 | 57 | if (array_key_exists($methodName, $this->map)) { 58 | $code = $this->map[$methodName]['code']; 59 | $warningMessage = sprintf($this->map[$methodName]['message'], $tokens[$posOfMethod]['content']); 60 | 61 | $phpcsFile->addWarning( 62 | $warningMessage, 63 | $posOfMethod, 64 | $code, 65 | [$tokens[$posOfMethod]['content'] . 
'()'], 66 | $this->severity 67 | ); 68 | } 69 | } 70 | } 71 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Performance/LoopSniff.php: -------------------------------------------------------------------------------- 1 | getTokens(); 100 | if (!array_key_exists('scope_opener', $tokens[$stackPtr])) { 101 | return; 102 | } 103 | for ($ptr = $tokens[$stackPtr]['scope_opener'] + 1; $ptr < $tokens[$stackPtr]['scope_closer']; $ptr++) { 104 | $content = $tokens[$ptr]['content']; 105 | if ($tokens[$ptr]['code'] !== T_STRING || in_array($ptr, $this->processedStackPointers)) { 106 | continue; 107 | } 108 | $warning = ''; 109 | $code = ''; 110 | if (in_array($content, $this->countFunctions)) { 111 | $warning = 'Array size calculation function %s detected in loop'; 112 | $code = 'ArraySize'; 113 | } elseif (in_array($content, $this->modelLsdMethods)) { 114 | $warning = 'Model LSD method %s detected in loop'; 115 | $code = 'ModelLSD'; 116 | } elseif (in_array($content, $this->dataLoadMethods)) { 117 | $warning = 'Data load %s method detected in loop'; 118 | $code = 'DataLoad'; 119 | } 120 | if ($warning) { 121 | $phpcsFile->addWarning($warning, $ptr, $code, [$content . 
'()'], $this->severity); 122 | $this->processedStackPointers[] = $ptr; 123 | } 124 | } 125 | } 126 | } 127 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/SQL/MissedIndexesSniff.php: -------------------------------------------------------------------------------- 1 | getFilename(), 'sql') !== false) { 59 | $methods = $this->getCalledMethods($sourceFile); 60 | $methodNames = array_map(function ($element) { 61 | return $element['content']; 62 | }, $methods); 63 | if (in_array('newTable', $methodNames) && !in_array('addIndex', $methodNames)) { 64 | $sourceFile->addWarning($this->warningMessage, $index, $this->warningCode, [], $this->severity); 65 | } 66 | } 67 | } 68 | } 69 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/SQL/RawQuerySniff.php: -------------------------------------------------------------------------------- 1 | getTokens(); 79 | $ignoredTokens = array_merge([T_WHITESPACE, T_OPEN_PARENTHESIS], Tokens::$stringTokens); 80 | $prev = $tokens[$phpcsFile->findPrevious($ignoredTokens, $stackPtr - 1, null, true)]; 81 | 82 | if ($prev['code'] === T_EQUAL 83 | || ($prev['code'] === T_STRING && in_array($prev['content'], $this->queryFunctions)) 84 | || in_array($tokens[$stackPtr]['code'], [T_HEREDOC, T_NOWDOC]) 85 | ) { 86 | $trim = function ($str) { 87 | return trim(str_replace(['\'', '"'], '', $str)); 88 | }; 89 | if (preg_match('/^(' . implode('|', $this->statements) . 
')\s/i', $trim($tokens[$stackPtr]['content']))) { 90 | $phpcsFile->addWarning( 91 | $this->warningMessage, 92 | $stackPtr, 93 | $this->warningCode, 94 | [trim($tokens[$stackPtr]['content'])], 95 | $this->severity 96 | ); 97 | } 98 | } 99 | } 100 | } 101 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/SQL/SlowQuerySniff.php: -------------------------------------------------------------------------------- 1 | getStrTokens()); 90 | } 91 | 92 | /** 93 | * @inheritdoc 94 | */ 95 | public function process(File $phpcsFile, $stackPtr) 96 | { 97 | $tokens = $phpcsFile->getTokens(); 98 | $ignoredTokens = array_merge([T_WHITESPACE, T_OPEN_PARENTHESIS], Tokens::$stringTokens); 99 | $prev = $tokens[$phpcsFile->findPrevious($ignoredTokens, $stackPtr - 1, null, true)]; 100 | if (($prev['code'] === T_EQUAL || $prev['code'] == T_STRING) 101 | && in_array($tokens[$stackPtr]['code'], $this->getStrTokens()) 102 | ) { 103 | if (preg_match('/(' . implode('|', $this->rawStatements) . 
')\s/i', trim($tokens[$stackPtr]['content']))) { 104 | $phpcsFile->addWarning( 105 | $this->warningMessage, 106 | $stackPtr, 107 | $this->slowRawSqlCode, 108 | [trim($tokens[$stackPtr]['content'])], 109 | $this->severity 110 | ); 111 | } 112 | } else { 113 | if ($prev['code'] === T_OBJECT_OPERATOR 114 | && $tokens[$stackPtr]['code'] === T_STRING 115 | && in_array($tokens[$stackPtr]['content'], $this->adapterMethods) 116 | ) { 117 | $phpcsFile->addWarning( 118 | $this->warningMessage, 119 | $stackPtr, 120 | $this->slowSqlCode, 121 | [trim($tokens[$stackPtr]['content'])], 122 | $this->severity 123 | ); 124 | } 125 | } 126 | } 127 | } 128 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Security/AclSniff.php: -------------------------------------------------------------------------------- 1 | getTokens(); 67 | $classScopeStart = $tokens[$stackPtr]['scope_opener']; 68 | $classScopeEnd = $tokens[$stackPtr]['scope_closer']; 69 | $classPosition = $stackPtr; 70 | $stackPtr = $phpcsFile->findNext(T_STRING, $stackPtr + 1); 71 | $className = $tokens[$stackPtr]['content']; 72 | if (false === ($stackPtr = $phpcsFile->findNext(T_EXTENDS, $stackPtr + 1))) { 73 | // the currently tested class hasn't extended any class 74 | return; 75 | } 76 | $stackPtr = $phpcsFile->findNext(T_STRING, $stackPtr + 1); 77 | $parentClassName = $tokens[$stackPtr]['content']; 78 | if ($parentClassName === $this->parentClassName) { 79 | while (false !== ($stackPtr = $phpcsFile->findNext( 80 | Tokens::$emptyTokens, 81 | $classScopeStart + 1, 82 | $classScopeEnd - 1, 83 | true, 84 | 'function' 85 | ) 86 | ) 87 | ) { 88 | $stackPtr = $phpcsFile->findNext(T_STRING, $stackPtr + 1); 89 | $methodName = $tokens[$stackPtr]['content']; 90 | $classScopeStart = $stackPtr; 91 | if ($methodName === $this->requiredAclMethodName) { 92 | // the currently tested class has implemented the required ACL method 93 | return; 94 | } 95 | } 96 | $phpcsFile->addError( 97 | 
$this->errorMessage, 98 | $classPosition, 99 | $this->errorCode, 100 | [$this->requiredAclMethodName, $className], 101 | $this->severity 102 | ); 103 | } 104 | } 105 | } 106 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Security/DiscouragedFunctionSniff.php: -------------------------------------------------------------------------------- 1 | null, 37 | '^bindtextdomain$' => null, 38 | '^bz.*$' => null, 39 | '^call_user_func$' => null, 40 | '^call_user_func_array$' => null, 41 | '^chdir$' => null, 42 | '^chgrp$' => null, 43 | '^chmod$' => null, 44 | '^chown$' => null, 45 | '^chroot$' => null, 46 | '^com_load_typelib$' => null, 47 | '^copy$' => null, 48 | '^curl_.*$' => null, 49 | '^cyrus_connect$' => null, 50 | '^dba_.*$' => null, 51 | '^dbase_.*$' => null, 52 | '^dbx_.*$' => null, 53 | '^dcgettext$' => null, 54 | '^dcngettext$' => null, 55 | '^dgettext$' => null, 56 | '^dio_.*$' => null, 57 | '^dirname$' => null, 58 | '^dngettext$' => null, 59 | '^domxml_.*$' => null, 60 | '^fbsql_.*$' => null, 61 | '^fdf_add_doc_javascript$' => null, 62 | '^fdf_open$' => null, 63 | '^fopen$' => null, 64 | '^fclose$' => null, 65 | '^fsockopen$' => null, 66 | '^ftp_.*$' => null, 67 | '^fwrite$' => null, 68 | '^gettext$' => null, 69 | '^gz.*$' => null, 70 | '^header$' => null, 71 | '^highlight_file$' => null, 72 | '^ibase_.*$' => null, 73 | '^id3_set_tag$' => null, 74 | '^ifx_.*$' => null, 75 | '^image.*$' => null, 76 | '^imap_.*$' => null, 77 | '^ingres_.*$' => null, 78 | '^ircg_.*$' => null, 79 | '^ldap_.*$' => null, 80 | '^link$' => null, 81 | '^mail$' => null, 82 | '^mb_send_mail$' => null, 83 | '^mkdir$' => null, 84 | '^move_uploaded_file$' => null, 85 | '^msession_.*$' => null, 86 | '^msg_send$' => null, 87 | '^msql$' => null, 88 | '^msql_.*$' => null, 89 | '^mssql_.*$' => null, 90 | '^mysql_.*$' => null, 91 | '^odbc_.*$' => null, 92 | '^opendir$' => null, 93 | '^openlog$' => null, 94 | '^ora_.*$' => null, 95 | '^ovrimos_.*$' 
=> null, 96 | '^parse_ini_file$' => null, 97 | '^parse_str$' => null, 98 | '^parse_url$' => null, 99 | '^parsekit_compile_string$' => null, 100 | '^pathinfo$' => null, 101 | '^pcntl_.*$' => null, 102 | '^posix_.*$' => null, 103 | '^pfpro_.*$' => null, 104 | '^pfsockopen$' => null, 105 | '^pg_.*$' => null, 106 | '^php_check_syntax$' => null, 107 | '^print_r$' => null, 108 | '^printf$' => null, 109 | '^putenv$' => null, 110 | '^readfile$' => null, 111 | '^readgzfile$' => null, 112 | '^readline$' => null, 113 | '^readlink$' => null, 114 | '^register_shutdown_function$' => null, 115 | '^register_tick_function$' => null, 116 | '^rename$' => null, 117 | '^rmdir$' => null, 118 | '^scandir$' => null, 119 | '^session_.*$' => null, 120 | '^set_include_path$' => null, 121 | '^ini_set$' => null, 122 | '^set_time_limit$' => null, 123 | '^setcookie$' => null, 124 | '^setlocale$' => null, 125 | '^setrawcookie$' => null, 126 | '^sleep$' => null, 127 | '^socket_.*$' => null, 128 | '^stream_.*$' => null, 129 | '^sybase_.*$' => null, 130 | '^symlink$' => null, 131 | '^syslog$' => null, 132 | '^touch$' => null, 133 | '^trigger_error$' => null, 134 | '^unlink$' => null, 135 | '^vprintf$' => null, 136 | '^mysqli.*$' => null, 137 | '^oci_connect$' => null, 138 | '^oci_pconnect$' => null, 139 | '^quotemeta$' => null, 140 | '^sqlite_popen$' => null, 141 | '^time_nanosleep$' => null, 142 | '^base64_decode$' => null, 143 | '^base_convert$' => null, 144 | '^basename$' => null, 145 | '^chr$' => null, 146 | '^convert_cyr_string$' => null, 147 | '^dba_nextkey$' => null, 148 | '^dns_get_record$' => null, 149 | '^extract$' => null, 150 | '^fdf_.*$' => null, 151 | '^fget.*$' => null, 152 | '^fread$' => null, 153 | '^fflush$' => null, 154 | '^get_browser$' => null, 155 | '^get_headers$' => null, 156 | '^get_meta_tags$' => null, 157 | '^getallheaders$' => null, 158 | '^getenv$' => null, 159 | '^getopt$' => null, 160 | '^headers_list$' => null, 161 | '^hebrev$' => null, 162 | '^hebrevc$' => null, 163 
| '^highlight_string$' => null, 164 | '^html_entity_decode$' => null, 165 | '^ibase_blob_import$' => null, 166 | '^id3_get_tag$' => null, 167 | '^import_request_variables$' => null, 168 | '^ircg_nickname_unescape$' => null, 169 | '^ldap_get_values$' => null, 170 | '^mb_decode_mimeheader$' => null, 171 | '^mb_parse_str$' => null, 172 | '^mcrypt_decrypt$' => null, 173 | '^mdecrypt_generic$' => null, 174 | '^msg_receive$' => null, 175 | '^ngettext$' => null, 176 | '^ob_get_contents$' => null, 177 | '^ob_get_flush$' => null, 178 | '^rawurldecode$' => null, 179 | '^shm_get_var$' => null, 180 | '^stripcslashes$' => null, 181 | '^stripslashes$' => null, 182 | '^token_get_all$' => null, 183 | '^unpack$' => null, 184 | '^convert_uudecode$' => null, 185 | '^iconv_mime_decode$' => null, 186 | '^iconv_mime_decode_headers$' => null, 187 | '^iconv_mime_encode$' => null, 188 | '^iconv_set_encoding$' => null, 189 | '^php_strip_whitespace$' => null, 190 | '^addcslashes$' => null, 191 | '^addslashes$' => null, 192 | '^escapeshellarg$' => null, 193 | '^escapeshellcmd$' => null, 194 | '^gettype$' => null, 195 | '^var_dump$' => null, 196 | '^tempnam$' => null, 197 | '^realpath$' => null, 198 | '^linkinfo$' => null, 199 | '^lstat$' => null, 200 | '^stat$' => null, 201 | '^lchgrp$' => null, 202 | '^lchown$' => null, 203 | '^show_source$' => null, 204 | '^is_dir$' => null, 205 | '^is_executable$' => null, 206 | '^is_file$' => null, 207 | '^is_link$' => null, 208 | '^is_readable$' => null, 209 | '^is_writable$' => null, 210 | '^is_writeable$' => null, 211 | '^is_uploaded_file$' => null, 212 | '^glob$' => null, 213 | '^ssh2_.*$' => null, 214 | '^delete$' => null, 215 | '^file.*$' => null, 216 | '^chop$' => 'rtrim()', 217 | '^sizeof$' => 'count()', 218 | '^is_null$' => 'strict comparison "=== null"', 219 | '^intval$' => '(int) construction', 220 | '^strval$' => '(string) construction', 221 | ]; 222 | 223 | /** 224 | * Generates warning for this sniff. 
225 | * 226 | * @param File $phpcsFile The file being scanned. 227 | * @param int $stackPtr The position of the forbidden function 228 | * in the token array. 229 | * @param string $function The name of the forbidden function. 230 | * @param string $pattern The pattern used for the match. 231 | * 232 | * @return void 233 | */ 234 | protected function addError($phpcsFile, $stackPtr, $function, $pattern = null) 235 | { 236 | $data = [$function]; 237 | $warningMessage = 'The use of function %s() is discouraged'; 238 | $warningCode = 'Found'; 239 | if ($pattern === null) { 240 | $pattern = $function; 241 | } 242 | if ($this->forbiddenFunctions[$pattern] !== null) { 243 | $warningCode .= 'WithAlternative'; 244 | $data[] = $this->forbiddenFunctions[$pattern]; 245 | $warningMessage .= '; use %s instead.'; 246 | } 247 | $phpcsFile->addWarning($warningMessage, $stackPtr, $warningCode, $data, $this->severity); 248 | } 249 | } 250 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Security/IncludeFileSniff.php: -------------------------------------------------------------------------------- 1 | getTokens(); 53 | $firstToken = $phpcsFile->findNext(Tokens::$emptyTokens, $stackPtr + 1, null, true); 54 | $message = '"%s" statement detected. 
File manipulations are discouraged.'; 55 | if ($tokens[$firstToken]['code'] === T_OPEN_PARENTHESIS) { 56 | $message .= ' Statement is not a function, no parentheses are required.'; 57 | $firstToken = $phpcsFile->findNext(Tokens::$emptyTokens, $firstToken + 1, null, true); 58 | } 59 | $nextToken = $firstToken; 60 | $ignoredTokens = array_merge(Tokens::$emptyTokens, [T_CLOSE_PARENTHESIS]); 61 | $isConcatenated = false; 62 | $isUrl = false; 63 | $hasVariable = false; 64 | $includePath = ''; 65 | while ($tokens[$nextToken]['code'] !== T_SEMICOLON && 66 | $tokens[$nextToken]['code'] !== T_CLOSE_TAG) { 67 | switch ($tokens[$nextToken]['code']) { 68 | case T_CONSTANT_ENCAPSED_STRING: 69 | $includePath = trim($tokens[$nextToken]['content'], '"\''); 70 | if (preg_match($this->urlPattern, $includePath)) { 71 | $isUrl = true; 72 | } 73 | break; 74 | case T_STRING_CONCAT: 75 | $isConcatenated = true; 76 | break; 77 | case T_VARIABLE: 78 | $hasVariable = true; 79 | break; 80 | } 81 | $nextToken = $phpcsFile->findNext($ignoredTokens, $nextToken + 1, null, true); 82 | } 83 | if ($tokens[$stackPtr]['level'] === 0 && stripos($includePath, 'controller') !== false) { 84 | $nextToken = $phpcsFile->findNext(T_CLASS, $nextToken + 1); 85 | if ($nextToken) { 86 | $nextToken = $phpcsFile->findNext(Tokens::$emptyTokens, $nextToken + 1, null, true); 87 | $className = $tokens[$nextToken]['content']; 88 | if (strripos($className, 'controller') !== false) { 89 | return; 90 | } 91 | } 92 | } 93 | if ($isUrl) { 94 | $message .= ' Passing urls is forbidden.'; 95 | } 96 | if ($isConcatenated) { 97 | $message .= ' Concatenating is forbidden.'; 98 | } 99 | if ($hasVariable) { 100 | $message .= ' Variables inside are insecure.'; 101 | } 102 | $phpcsFile->addWarning( 103 | $message, 104 | $stackPtr, 105 | $this->warningCode, 106 | [$tokens[$stackPtr]['content']], 107 | $this->severity 108 | ); 109 | } 110 | } 111 | -------------------------------------------------------------------------------- 
/MEQP1/Sniffs/Security/InsecureFunctionSniff.php: -------------------------------------------------------------------------------- 1 | null, 22 | 'create_function' => null, 23 | 'exec' => null, 24 | 'md5' => 'improved hash functions (SHA-256, SHA-512 etc.)', 25 | 'passthru' => null, 26 | 'pcntl_exec' => null, 27 | 'popen' => null, 28 | 'proc_open' => null, 29 | 'serialize' => null, 30 | 'shell_exec' => null, 31 | 'system' => null, 32 | 'unserialize' => null, 33 | 'srand' => null, 34 | 'mt_srand' => null, 35 | 'mt_rand' => 'random_int', 36 | ]; 37 | } 38 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Security/LanguageConstructSniff.php: -------------------------------------------------------------------------------- 1 | getTokens(); 79 | if ($tokens[$stackPtr]['code'] === T_BACKTICK) { 80 | if ($phpcsFile->findNext(T_BACKTICK, $stackPtr + 1)) { 81 | return; 82 | } 83 | $phpcsFile->addError($this->errorMessageBacktick, $stackPtr, $this->backtickCode, [], $this->severity); 84 | return; 85 | } 86 | if ($tokens[$stackPtr]['code'] === T_EXIT) { 87 | $code = $this->exitUsage; 88 | } else { 89 | $code = $this->directOutput; 90 | } 91 | $phpcsFile->addError($this->errorMessage, $stackPtr, $code, [$tokens[$stackPtr]['content']], $this->severity); 92 | } 93 | } 94 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Security/SuperglobalSniff.php: -------------------------------------------------------------------------------- 1 | getTokens(); 98 | $var = $tokens[$stackPtr]['content']; 99 | if (in_array($var, $this->superGlobalErrors)) { 100 | $phpcsFile->addError( 101 | $this->errorMessage, 102 | $stackPtr, 103 | $this->errorCode, 104 | [$var], 105 | $this->errorSeverity 106 | ); 107 | } elseif (in_array($var, $this->superGlobalWarning)) { 108 | $phpcsFile->addWarning( 109 | $this->warningMessage, 110 | $stackPtr, 111 | $this->warningCode, 112 | [$var], 113 | $this->warningSeverity 
114 | ); 115 | } 116 | } 117 | } 118 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Stdlib/DateTimeSniff.php: -------------------------------------------------------------------------------- 1 | getTokens(); 78 | if (in_array($tokens[$stackPtr]['content'], $this->dateTimeClasses) 79 | || in_array($tokens[$stackPtr]['content'], $this->dateTimeFunctions) 80 | ) { 81 | $phpcsFile->addWarning($this->warningMessage, $stackPtr, $this->warningCode, [], $this->severity); 82 | } 83 | } 84 | } 85 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Strings/RegExSniff.php: -------------------------------------------------------------------------------- 1 | getTokens(); 74 | if (!in_array($tokens[$stackPtr]['content'], $this->functions)) { 75 | return; 76 | } 77 | $prevToken = $phpcsFile->findPrevious(T_WHITESPACE, $stackPtr - 1, null, true); 78 | if (in_array($tokens[$prevToken]['code'], $this->ignoreTokens)) { 79 | return; 80 | } 81 | $nextToken = $phpcsFile->findNext([T_WHITESPACE, T_OPEN_PARENTHESIS], $stackPtr + 1, null, true); 82 | if (in_array($tokens[$nextToken]['code'], Tokens::$stringTokens) 83 | && preg_match('/[#\/|~\}\)][imsxADSUXJu]*e[imsxADSUXJu]*.$/', $tokens[$nextToken]['content']) 84 | ) { 85 | $phpcsFile->addError( 86 | $this->errorMessage, 87 | $stackPtr, 88 | $this->errorCode, 89 | [$tokens[$stackPtr]['content']], 90 | $this->severity 91 | ); 92 | } 93 | } 94 | } 95 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Strings/StringConcatSniff.php: -------------------------------------------------------------------------------- 1 | getTokens(); 53 | $prev = $phpcsFile->findPrevious(T_WHITESPACE, $stackPtr - 1, null, true); 54 | $next = $phpcsFile->findNext(T_WHITESPACE, $stackPtr + 1, null, true); 55 | if ($prev === false || $next === false) { 56 | return; 57 | } 58 | $beforePrev = $phpcsFile->findPrevious(T_WHITESPACE, 
$prev - 1, null, true); 59 | $stringTokens = Tokens::$stringTokens; 60 | if ($tokens[$beforePrev]['code'] === T_STRING_CONCAT 61 | || in_array($tokens[$prev]['code'], $stringTokens) 62 | || in_array($tokens[$next]['code'], $stringTokens) 63 | ) { 64 | $phpcsFile->addWarning($this->warningMessage, $stackPtr, $this->warningCode, [], $this->severity); 65 | } 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Strings/StringPositionSniff.php: -------------------------------------------------------------------------------- 1 | tokens = $phpcsFile->getTokens(); 126 | $this->file = $phpcsFile; 127 | $this->leftLimit = $open = $this->tokens[$stackPtr]['parenthesis_opener']; 128 | $this->rightLimit = $close = $this->tokens[$stackPtr]['parenthesis_closer']; 129 | for ($i = ($open + 1); $i < $close; $i++) { 130 | if (($this->tokens[$i]['code'] === T_STRING && in_array($this->tokens[$i]['content'], $this->functions)) 131 | && (!$this->findIdentical($i - 1, $this->findFunctionParenthesisCloser($i) + 1)) 132 | ) { 133 | $foundFunctionName = $this->tokens[$i]['content']; 134 | $phpcsFile->addError($this->errorMessage, $i, $this->errorCode, [$foundFunctionName], $this->severity); 135 | } 136 | } 137 | } 138 | 139 | /** 140 | * Recursively finds identical operators in current scope. 
141 | * 142 | * @param int $leftCurrentPosition 143 | * @param int $rightCurrentPosition 144 | * @return bool 145 | */ 146 | protected function findIdentical($leftCurrentPosition, $rightCurrentPosition) 147 | { 148 | $leftBound = $this->file->findPrevious($this->leftRangeTokens, $leftCurrentPosition, $this->leftLimit - 1); 149 | $rightBound = $this->file->findNext($this->rightRangeTokens, $rightCurrentPosition, $this->rightLimit + 1); 150 | $leftToken = $this->tokens[$leftBound]; 151 | $rightToken = $this->tokens[$rightBound]; 152 | if ($leftToken['code'] === T_OPEN_PARENTHESIS && $rightToken['code'] === T_CLOSE_PARENTHESIS) { 153 | return $this->findIdentical($leftBound - 1, $rightBound + 1); 154 | } else { 155 | return ( 156 | in_array($leftToken['code'], $this->identical) || in_array($rightToken['code'], $this->identical) 157 | ) ?: false; 158 | } 159 | } 160 | 161 | /** 162 | * Finds the position of close parenthesis of detected function. 163 | * 164 | * @param int $currentPosition 165 | * @return mixed 166 | */ 167 | protected function findFunctionParenthesisCloser($currentPosition) 168 | { 169 | $nextOpenParenthesis = $this->file->findNext(T_OPEN_PARENTHESIS, $currentPosition, $this->rightLimit); 170 | return $nextOpenParenthesis ? 
$this->tokens[$nextOpenParenthesis]['parenthesis_closer'] : false; 171 | } 172 | } 173 | -------------------------------------------------------------------------------- /MEQP1/Sniffs/Templates/XssTemplateSniff.php: -------------------------------------------------------------------------------- 1 | file = $phpcsFile; 132 | $this->tokens = $this->file->getTokens(); 133 | 134 | $annotation = $this->findSpecialAnnotation($stackPtr); 135 | if ($annotation !== false) { 136 | foreach ($this->allowedAnnotations as $allowedAnnotation) { 137 | if (strpos($this->tokens[$annotation]['content'], $allowedAnnotation) !== false) { 138 | return; 139 | } 140 | } 141 | $this->hasDisallowedAnnotation = true; 142 | } 143 | 144 | $endOfStatement = $phpcsFile->findNext([T_CLOSE_TAG, T_SEMICOLON], $stackPtr); 145 | $this->addStatement($stackPtr + 1, $endOfStatement); 146 | 147 | while ($this->statements) { 148 | $statement = array_shift($this->statements); 149 | $this->detectUnescapedString($statement); 150 | } 151 | } 152 | 153 | /** 154 | * Finds special annotations which are used to mark whether output should be escaped. 
155 | * 156 | * @param int $stackPtr 157 | * @return int|bool 158 | */ 159 | private function findSpecialAnnotation($stackPtr) 160 | { 161 | if ($this->tokens[$stackPtr]['code'] === T_ECHO) { 162 | $startOfStatement = $this->file->findPrevious(T_OPEN_TAG, $stackPtr); 163 | return $this->file->findPrevious(T_COMMENT, $stackPtr, $startOfStatement); 164 | } 165 | if ($this->tokens[$stackPtr]['code'] === T_OPEN_TAG_WITH_ECHO) { 166 | $endOfStatement = $this->file->findNext([T_CLOSE_TAG, T_SEMICOLON], $stackPtr); 167 | return $this->file->findNext(T_COMMENT, $stackPtr, $endOfStatement); 168 | } 169 | return false; 170 | } 171 | 172 | /** 173 | * Finds unescaped statements by the following rules (heuristic checks on token types and function/method names; a clean result does not prove the output is escaped): 174 | * http://devdocs.magento.com/guides/v2.0/frontend-dev-guide/templates/template-security.html 175 | * 176 | * @param array $statement 177 | * @return void 178 | */ 179 | private function detectUnescapedString($statement) 180 | { 181 | $posOfFirstElement = $this->file->findNext( 182 | [T_WHITESPACE, T_COMMENT], 183 | $statement['start'], 184 | $statement['end'], 185 | true 186 | ); 187 | if ($this->tokens[$posOfFirstElement]['code'] === T_OPEN_PARENTHESIS) { 188 | $posOfLastElement = $this->file->findPrevious( 189 | T_WHITESPACE, 190 | $statement['end'] - 1, 191 | $statement['start'], 192 | true 193 | ); 194 | if ($this->tokens[$posOfFirstElement]['parenthesis_closer'] === $posOfLastElement) { 195 | $this->addStatement($posOfFirstElement + 1, $this->tokens[$posOfFirstElement]['parenthesis_closer']); 196 | return; 197 | } 198 | } 199 | if ($this->parseLineStatement($statement['start'], $statement['end'])) { 200 | return; 201 | } 202 | 203 | $posOfArithmeticOperator = $this->findNextInScope( 204 | [T_PLUS, T_MINUS, T_DIVIDE, T_MULTIPLY, T_MODULUS, T_POW], 205 | $statement['start'], 206 | $statement['end'] 207 | ); 208 | if ($posOfArithmeticOperator !== false) { 209 | return; 210 | } 211 | switch ($this->tokens[$posOfFirstElement]['code']) { 212 | case T_STRING: 213 | if 
(!in_array($this->tokens[$posOfFirstElement]['content'], $this->allowedFunctions)) { 214 | $this->addWarning($posOfFirstElement); 215 | } 216 | break; 217 | case T_START_HEREDOC: 218 | case T_DOUBLE_QUOTED_STRING: 219 | $this->addWarning($posOfFirstElement); 220 | break; 221 | case T_VARIABLE: 222 | $posOfObjOperator = $this->findLastInScope(T_OBJECT_OPERATOR, $posOfFirstElement, $statement['end']); 223 | if ($posOfObjOperator === false) { 224 | $this->addWarning($posOfFirstElement); 225 | break; 226 | } 227 | $posOfMethod = $this->file->findNext([T_STRING, T_VARIABLE], $posOfObjOperator + 1, $statement['end']); 228 | if ($this->tokens[$posOfMethod]['code'] === T_STRING && 229 | (in_array($this->tokens[$posOfMethod]['content'], $this->allowedMethods) || 230 | stripos($this->tokens[$posOfMethod]['content'], $this->methodNameContains) !== false) 231 | ) { 232 | break; 233 | } else { 234 | $this->addWarning($posOfMethod); 235 | } 236 | break; 237 | case T_CONSTANT_ENCAPSED_STRING: 238 | case T_DOUBLE_CAST: 239 | case T_INT_CAST: 240 | case T_BOOL_CAST: 241 | default: 242 | return; 243 | } 244 | } 245 | 246 | /** 247 | * Split line from start to end by ternary operators and concatenations. 
248 | * 249 | * @param int $start 250 | * @param int $end 251 | * @return bool 252 | */ 253 | private function parseLineStatement($start, $end) 254 | { 255 | $parsed = false; 256 | $posOfLastInlineThen = $this->findLastInScope(T_INLINE_THEN, $start, $end); 257 | if ($posOfLastInlineThen !== false) { 258 | $posOfInlineElse = $this->file->findNext(T_INLINE_ELSE, $posOfLastInlineThen, $end); 259 | $this->addStatement($posOfLastInlineThen + 1, $posOfInlineElse); 260 | $this->addStatement($posOfInlineElse + 1, $end); 261 | $parsed = true; 262 | } else { 263 | do { 264 | $posOfConcat = $this->findNextInScope(T_STRING_CONCAT, $start, $end); 265 | if ($posOfConcat !== false) { 266 | $this->addStatement($start, $posOfConcat); 267 | $parsed = true; 268 | } elseif ($parsed) { 269 | $this->addStatement($start, $end); 270 | } 271 | $start = $posOfConcat + 1; 272 | } while ($posOfConcat !== false); 273 | } 274 | return $parsed; 275 | } 276 | 277 | /** 278 | * Push statement range in queue to check. 279 | * 280 | * @param int $start 281 | * @param int $end 282 | * @return void 283 | */ 284 | private function addStatement($start, $end) 285 | { 286 | $this->statements[] = [ 287 | 'start' => $start, 288 | 'end' => $end 289 | ]; 290 | } 291 | 292 | /** 293 | * Finds next token position in current scope. 294 | * 295 | * @param int|array $types 296 | * @param int $start 297 | * @param int $end 298 | * @return int|bool 299 | */ 300 | private function findNextInScope($types, $start, $end) 301 | { 302 | $types = (array)$types; 303 | $next = $this->file->findNext(array_merge($types, [T_OPEN_PARENTHESIS]), $start, $end); 304 | $nextToken = $this->tokens[$next]; 305 | if ($nextToken['code'] === T_OPEN_PARENTHESIS) { 306 | return $this->findNextInScope($types, $nextToken['parenthesis_closer'] + 1, $end); 307 | } else { 308 | return $next; 309 | } 310 | } 311 | 312 | /** 313 | * Finds last token position in current scope. 
314 | * 315 | * @param int|array $types 316 | * @param int $start 317 | * @param int $end 318 | * @param int|bool $last 319 | * @return int|bool 320 | */ 321 | private function findLastInScope($types, $start, $end, $last = false) 322 | { 323 | $types = (array)$types; 324 | $nextInScope = $this->findNextInScope($types, $start, $end); 325 | if ($nextInScope !== false && $nextInScope > $last) { 326 | return $this->findLastInScope($types, $nextInScope + 1, $end, $nextInScope); 327 | } else { 328 | return $last; 329 | } 330 | } 331 | 332 | /** 333 | * Adds CS warning message. 334 | * 335 | * @param int $position 336 | * @return void 337 | */ 338 | private function addWarning($position) 339 | { 340 | if ($this->hasDisallowedAnnotation) { 341 | $this->file->addWarning($this->warningMessage, $position, $this->warningCodeNotAllowed); 342 | } else { 343 | $this->file->addWarning($this->warningMessage, $position, $this->warningCodeUnescaped); 344 | } 345 | } 346 | } 347 | -------------------------------------------------------------------------------- /MEQP1/Tests/Classes/Mysql4UnitTest.inc: -------------------------------------------------------------------------------- 1 | 1, 30 | 7 => 1, 31 | 19 => 1, 32 | ]; 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /MEQP1/Tests/Classes/ObjectInstantiationUnitTest.inc: -------------------------------------------------------------------------------- 1 | 1, 30 | 6 => 1, 31 | ]; 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /MEQP1/Tests/Classes/ResourceModelUnitTest.inc: -------------------------------------------------------------------------------- 1 | getLayout()->createBlock('catalog/breadcrumbs'); 8 | $category = Mage::getResourceModel('catalog/category'); 9 | $adapterSelect = $category->getReadConnection() 10 | ->select() 11 | ->reset() 12 | ->joinInner('table_name') 13 | ->joinRight('table_name') 14 | 
->joinFull('table_name') 15 | ->joinCross('table_name') 16 | ->joinNatural('table_name') 17 | ->joinLeft('table_name') 18 | ->where('entity_id != 0') 19 | ->orWhere('entity_id > 0') 20 | ->limit(1); 21 | $lookup = $adapterSelect->fetchRow($category); 22 | 23 | 24 | $adapter = $category->getReadConnection() 25 | ->insert('data') 26 | ->insertFromSelect($adapterSelect); 27 | 28 | $adapter = $category->getReadConnection() 29 | ->query() 30 | ->columns(); 31 | } 32 | 33 | protected function join() 34 | { 35 | return true; 36 | } 37 | 38 | protected function testMethod() 39 | { 40 | $this->join(); 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /MEQP1/Tests/Classes/ResourceModelUnitTest.php: -------------------------------------------------------------------------------- 1 | 1, 30 | 11 => 1, 31 | 12 => 1, 32 | 13 => 1, 33 | 14 => 1, 34 | 15 => 1, 35 | 16 => 1, 36 | 17 => 1, 37 | 18 => 1, 38 | 19 => 1, 39 | 20 => 1, 40 | 25 => 1, 41 | 26 => 1, 42 | 29 => 1, 43 | 30 => 1, 44 | 33 => 1, 45 | 40 => 1 46 | ]; 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /MEQP1/Tests/CodeAnalysis/EmptyBlockUnitTest.inc: -------------------------------------------------------------------------------- 1 | getTraceAsString(); 59 | } 60 | } 61 | 62 | try { 63 | throw Exception('Error...'); 64 | } catch (Exception $e) {} 65 | 66 | try { 67 | throw Exception('Error...'); 68 | } catch (Exception $e) { 69 | // TODO: Handle this exception later :-) 70 | } 71 | 72 | if (true) {} elseif (false) {} 73 | 74 | class EmptyBlockTestInc { /*Empty class block*/ } 75 | 76 | class EmptyBlockTestIncTrue 77 | { 78 | public $field; 79 | } 80 | 81 | abstract class EmptyBlockTestIncAbstract { /*Empty class block*/ } 82 | 83 | abstract class EmptyBlockTestIncTrueAbstract 84 | { 85 | public $field; 86 | } 87 | 88 | function emptyBlock () { /*Empty function block*/ } 89 | 90 | function emptyBlockT () { return true; 
} 91 | 92 | interface EmptyBlockInterface { /*Empty interface block*/ } 93 | 94 | interface EmptyBlockInterfaceTrue { 95 | public function test(); 96 | } 97 | 98 | trait EmptyBlockTrait { /*Empty trait block*/ } 99 | 100 | trait EmptyBlockTraitTrue { 101 | function test() { 102 | return true; 103 | } 104 | } 105 | -------------------------------------------------------------------------------- /MEQP1/Tests/CodeAnalysis/EmptyBlockUnitTest.php: -------------------------------------------------------------------------------- 1 | 1, 22 | 15 => 1, 23 | 17 => 1, 24 | 19 => 1, 25 | 30 => 1, 26 | 35 => 1, 27 | 41 => 1, 28 | 47 => 1, 29 | 52 => 1, 30 | 55 => 1, 31 | 64 => 1, 32 | 68 => 1, 33 | 72 => 2, 34 | 74 => 1, 35 | 81 => 1, 36 | 88 => 1, 37 | 92 => 1, 38 | 98 => 1, 39 | ]; 40 | } 41 | 42 | /** 43 | * @inheritdoc 44 | */ 45 | public function getWarningList() 46 | { 47 | return []; 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /MEQP1/Tests/Exceptions/DirectThrowUnitTest.inc: -------------------------------------------------------------------------------- 1 | isEnabled) { 10 | throw new Exception('Action disabled.'); 11 | } 12 | } 13 | 14 | public function exceptionTest() 15 | { 16 | if (!$this->isEnabled) { 17 | throw new \Exception('Action disabled.'); 18 | } 19 | } 20 | 21 | public function zendExceptionTest() 22 | { 23 | if (!$this->isEnabled) { 24 | throw new Zend_Acl_Role_Registry_Exception('Child Role id does not exist.'); 25 | } 26 | } 27 | } 28 | -------------------------------------------------------------------------------- /MEQP1/Tests/Exceptions/DirectThrowUnitTest.php: -------------------------------------------------------------------------------- 1 | 1, 30 | 17 => 1, 31 | ]; 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /MEQP1/Tests/Exceptions/NamespaceUnitTest.inc: -------------------------------------------------------------------------------- 1 | 
setAuth($ch); 28 | try { 29 | switch (strtoupper($this->verb)) { 30 | case 'GET': 31 | $this->executeGet($ch); 32 | break; 33 | case 'POST': 34 | $this->executePost($ch); 35 | break; 36 | case 'PUT': 37 | $this->executePut($ch); 38 | break; 39 | case 'DELETE': 40 | $this->executeDelete($ch); 41 | break; 42 | default: 43 | throw new \InvalidArgumentException( 44 | 'Current verb (' . $this->verb 45 | . ') is an invalid REST verb.' 46 | ); 47 | } 48 | } catch (InvalidArgumentException $e) { 49 | curl_close($ch); 50 | throw $e; 51 | } catch (\Exception $e) { 52 | curl_close($ch); 53 | throw $e; 54 | } 55 | } 56 | } 57 | -------------------------------------------------------------------------------- /MEQP1/Tests/Exceptions/NamespaceUnitTest.php: -------------------------------------------------------------------------------- 1 | 1, 22 | 10 => 1, 23 | 48 => 1, 24 | ]; 25 | } 26 | 27 | /** 28 | * @inheritdoc 29 | */ 30 | public function getWarningList() 31 | { 32 | return []; 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /MEQP1/Tests/PHP/GotoUnitTest.inc: -------------------------------------------------------------------------------- 1 | 1, 22 | 4 => 1, 23 | 15 => 1, 24 | ]; 25 | } 26 | 27 | /** 28 | * @inheritdoc 29 | */ 30 | public function getWarningList() 31 | { 32 | return []; 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /MEQP1/Tests/PHP/PrivateClassMemberUnitTest.inc: -------------------------------------------------------------------------------- 1 | 1, 30 | 20 => 1, 31 | ]; 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /MEQP1/Tests/PHP/SyntaxUnitTest.inc: -------------------------------------------------------------------------------- 1 | 1, 34 | ]; 35 | } 36 | 37 | /** 38 | * @inheritdoc 39 | */ 40 | public function getWarningList() 41 | { 42 | return []; 43 | } 44 | } 45 | 
-------------------------------------------------------------------------------- /MEQP1/Tests/PHP/VarUnitTest.inc: -------------------------------------------------------------------------------- 1 | 1, 30 | 10 => 1, 31 | 11 => 1, 32 | 12 => 1, 33 | ]; 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /MEQP1/Tests/Performance/CollectionCountUnitTest.inc: -------------------------------------------------------------------------------- 1 | getCollection(); 8 | $count = $productCollection->count(); 9 | $count2 = Mage::getModel('catalog/product')->getCollection()->count(); 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /MEQP1/Tests/Performance/CollectionCountUnitTest.php: -------------------------------------------------------------------------------- 1 | 1, 30 | 9 => 1, 31 | ]; 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /MEQP1/Tests/Performance/EmptyCheckUnitTest.inc: -------------------------------------------------------------------------------- 1 | 0) { 4 | // 5 | } 6 | 7 | if ((anotherFunc($array) !== 0) && count($array) > 0) { 8 | // 9 | } 10 | 11 | if ((count($array) !== 0) && (((anotherFunc($array))))) { 12 | // 13 | } 14 | 15 | if (((count($array)))) { 16 | // 17 | } 18 | 19 | if (count($array) && (anotherFunc($array) !== 0)) { 20 | // 21 | } 22 | 23 | if ($findme === 'a' && (count($array) || $findme !== 'b') && $mystring !== false) { 24 | // 25 | } 26 | 27 | if ($findme === 'a' && (count($array) != 0 || $findme !== 'b') && $mystring !== false) { 28 | // 29 | } 30 | 31 | if ($findme === 'a' && (count($array) > 10 || $findme !== 'b') && $mystring !== false) { 32 | // 33 | } 34 | 35 | if (($column->getId() === 'store_id' || count($array) > 0 || $column->getId() === 'status') && $column->getFilter()->getValue()) { 36 | // 37 | } 38 | 39 | $length = count($array); 40 | 41 | if ('count' != $foo && 
count($bar)) { 42 | // 43 | } 44 | 45 | if ($findme === 'a' and (count($array) != 0 or $findme !== 'b') and $mystring !== false) { 46 | // 47 | } 48 | 49 | if (strlen($string) > 0) { 50 | // 51 | } 52 | 53 | if ((anotherFunc($string) !== 0) && strlen($string) > 0) { 54 | // 55 | } 56 | 57 | if ((strlen($string) !== 0) && (((anotherFunc($string))))) { 58 | // 59 | } 60 | 61 | if (((strlen($string)))) { 62 | // 63 | } 64 | 65 | if (strlen($string) && (anotherFunc($string) !== 0)) { 66 | // 67 | } 68 | 69 | if ($findme === 'a' && (strlen($string) || $findme !== 'b') && $mystring !== false) { 70 | // 71 | } 72 | 73 | if ($findme === 'a' && (strlen($string) != 0 || $findme !== 'b') && $mystring !== false) { 74 | // 75 | } 76 | 77 | if ($findme === 'a' && (strlen($string) > 10 || $findme !== 'b') && $mystring !== false) { 78 | // 79 | } 80 | 81 | if (($column->getId() === 'store_id' || strlen($string) > 0 || $column->getId() === 'status') && $column->getFilter()->getValue()) { 82 | // 83 | } 84 | 85 | if (strlen($string . implode(',', $array)) && (anotherFunc($string) !== 0)) { 86 | // 87 | } 88 | 89 | if (strlen($string . 
implode(',', $array)) > 10 && (anotherFunc($string) !== 0)) { 90 | // 91 | } 92 | 93 | $length = strlen($string); 94 | 95 | if ($findme === 'a' and (strlen($string) > 0 or $findme !== 'b') and $mystring !== false) { 96 | // 97 | } 98 | 99 | if (strlen($string) < $limit) { 100 | // 101 | } 102 | 103 | if (strlen($string) >= getLimit()) { 104 | // 105 | } 106 | -------------------------------------------------------------------------------- /MEQP1/Tests/Performance/EmptyCheckUnitTest.php: -------------------------------------------------------------------------------- 1 | 1, 30 | 7 => 1, 31 | 11 => 1, 32 | 15 => 1, 33 | 19 => 1, 34 | 23 => 1, 35 | 27 => 1, 36 | 35 => 1, 37 | 41 => 1, 38 | 45 => 1, 39 | 49 => 1, 40 | 53 => 1, 41 | 57 => 1, 42 | 61 => 1, 43 | 65 => 1, 44 | 69 => 1, 45 | 73 => 1, 46 | 81 => 1, 47 | 85 => 1, 48 | 95 => 1, 49 | ]; 50 | } 51 | } 52 | -------------------------------------------------------------------------------- /MEQP1/Tests/Performance/InefficientMethodsUnitTest.inc: -------------------------------------------------------------------------------- 1 | _getReadAdapter()->fetchAll($select); 4 | 5 | function fetchAll() 6 | { 7 | echo 1; 8 | } 9 | 10 | fetchAll(); 11 | 12 | $collection = Mage::getModel('catalog/product')->getCollection(); 13 | $item = $collection->getFirstItem(); 14 | $item2 = Mage::getModel('catalog/product')->getCollection()->getFirstItem(); 15 | 16 | -------------------------------------------------------------------------------- /MEQP1/Tests/Performance/InefficientMethodsUnitTest.php: -------------------------------------------------------------------------------- 1 | 1, 30 | 13 => 1, 31 | 14 => 1, 32 | ]; 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /MEQP1/Tests/Performance/LoopUnitTest.inc: -------------------------------------------------------------------------------- 1 | getCollection(); 9 | do { 10 | $product = Mage::getModel('catalog/product')->load($id); 11 | 
$c = count($data) = sizeof($data); 12 | $product2 = $collection->getFirstItem(); 13 | $product2->save(); 14 | Mage::getModel('catalog/product')->setId($id)->delete(); 15 | 16 | $id--; 17 | } while ($id); 18 | 19 | for ($i = 1; $i <= 100; $i++) { 20 | $product = Mage::getModel('catalog/product')->load($id); 21 | $c = count($data) = sizeof($data); 22 | $product2 = $collection->getFirstItem(); 23 | $product2->save(); 24 | Mage::getModel('catalog/product')->setId($id)->delete(); 25 | } 26 | 27 | foreach ($collection as $product) { 28 | $product = Mage::getModel('catalog/product')->load($id); 29 | $c = count($data) = sizeof($data); 30 | $product2 = $collection->getFirstItem(); 31 | $product2->save(); 32 | Mage::getModel('catalog/product')->setId($id)->delete(); 33 | } 34 | 35 | 36 | while ($id) { 37 | $product = Mage::getModel('catalog/product')->load($id); 38 | $c = count($data) = sizeof($data); 39 | $product2 = $collection->getFirstItem(); 40 | $product2->save(); 41 | Mage::getModel('catalog/product')->setId($id)->delete(); 42 | 43 | $id--; 44 | } 45 | } 46 | } 47 | 48 | foreach ($collection as $item) { 49 | foreach ($item->getData() as $product) { 50 | $product = Mage::getModel('catalog/product')->load($id); 51 | } 52 | } 53 | -------------------------------------------------------------------------------- /MEQP1/Tests/Performance/LoopUnitTest.php: -------------------------------------------------------------------------------- 1 | 1, 30 | 11 => 2, 31 | 12 => 1, 32 | 13 => 1, 33 | 14 => 1, 34 | 20 => 1, 35 | 21 => 2, 36 | 22 => 1, 37 | 23 => 1, 38 | 24 => 1, 39 | 28 => 1, 40 | 29 => 2, 41 | 30 => 1, 42 | 31 => 1, 43 | 32 => 1, 44 | 37 => 1, 45 | 38 => 2, 46 | 39 => 1, 47 | 40 => 1, 48 | 41 => 1, 49 | 50 => 1, 50 | ]; 51 | } 52 | } 53 | -------------------------------------------------------------------------------- /MEQP1/Tests/SQL/MissedIndexesUnitTest.inc: -------------------------------------------------------------------------------- 1 | startSetup(); 4 | if 
(!$installer->getConnection()->isTableExists($installer->getTable('some_table'))) { 5 | $table = $installer->getConnection()->newTable( 6 | $installer->getTable('some_table') 7 | )->addColumn( 8 | 'some_string', 9 | \Magento\Framework\DB\Ddl\Table::TYPE_TEXT, 10 | 32, 11 | ['nullable' => true], 12 | 'some string' 13 | ); 14 | $installer->getConnection()->createTable($table); 15 | } 16 | $installer->endSetup(); 17 | -------------------------------------------------------------------------------- /MEQP1/Tests/SQL/MissedIndexesUnitTest.php: -------------------------------------------------------------------------------- 1 | 1]; 29 | } 30 | 31 | /** 32 | * @inheritdoc 33 | */ 34 | public function shouldSkipTest() 35 | { 36 | return true; 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /MEQP1/Tests/SQL/RawQueryUnitTest.inc: -------------------------------------------------------------------------------- 1 | getConnection('core_write'); 21 | $connectionWrite->query($query); 22 | } 23 | 24 | public function delete() 25 | { 26 | $connectionWrite = Mage::getSingleton('core/resource')->getConnection('core_write'); 27 | $connectionWrite->raw_query( 28 | ' DELETE FROM table_name' 29 | ); 30 | } 31 | 32 | public function delete2() 33 | { 34 | $connectionWrite = Mage::getSingleton('core/resource')->getConnection('core_write'); 35 | $connectionWrite->raw_query( 36 | " 37 | DROP table table_name" 38 | ); 39 | } 40 | 41 | public function truncate() 42 | { 43 | $connectionWrite = Mage::getSingleton('core/resource')->getConnection('core_write'); 44 | $connectionWrite->raw_query( 45 | ' 46 | TRUNCATE table table_name' 47 | ); 48 | } 49 | 50 | public function runQuery($countyInfo, $countyName) 51 | { 52 | $connectionWrite = Mage::getSingleton('core/resource')->getConnection('core_write'); 53 | $query = ' 54 | UPDATE `table_name` 55 | SET `tax_rate` = \'' . $countyInfo['tax_percentage'] . '\', 56 | `auth_code` = \'' . 
$countyInfo['auth_code'] . '\' 57 | WHERE county = \'' . $countyName . '\''; 58 | $connectionWrite->query($query); 59 | 60 | $connectionWrite->query('CREATE TABLE Persons 61 | ( 62 | PersonID int, 63 | LastName varchar(255), 64 | FirstName varchar(255), 65 | Address varchar(255), 66 | City varchar(255) 67 | );'); 68 | } 69 | 70 | public function getQuery($period) 71 | { 72 | $this->_period = $period; 73 | 74 | $query = " 75 | select `report_data` 76 | FROM `trending_report` 77 | WHERE `created_at` <= CURDATE( ) 78 | AND CURDATE( ) <= `expire_at` 79 | AND `last_for` = ' . $period . ' 80 | ORDER BY `created_at` DESC 81 | LIMIT 1 82 | "; 83 | 84 | return $query; 85 | } 86 | } 87 | 88 | $installer = $this; 89 | 90 | $installer->run(" 91 | ALTER TABLE `{$installer->getTable('enterprise_catalogpermissions/permission')}` 92 | CHANGE `website_id` `website_id` SMALLINT(5) UNSIGNED DEFAULT NULL, 93 | CHANGE `customer_group_id` `customer_group_id` SMALLINT(3) UNSIGNED DEFAULT NULL; 94 | "); 95 | 96 | $q = << 1, 30 | 28 => 1, 31 | 37 => 1, 32 | 46 => 1, 33 | 54 => 1, 34 | 60 => 1, 35 | 75 => 1, 36 | 97 => 1, 37 | 101 => 1, 38 | 104 => 1, 39 | ]; 40 | } 41 | 42 | /** 43 | * @inheritdoc 44 | */ 45 | public function shouldSkipTest() 46 | { 47 | return true; 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /MEQP1/Tests/SQL/SlowQueryUnitTest.inc: -------------------------------------------------------------------------------- 1 | _getReadAdapter()->select()->union($selects, Zend_Db_Select::SQL_UNION_ALL); 8 | } 9 | } 10 | 11 | $duplicatedUsers = $installer->getConnection()->fetchPairs(" 12 | SELECT user_id, username FROM {$tableAdmins} GROUP by username HAVING COUNT(user_id) > 1 13 | "); 14 | 15 | $sql = "SELECT 16 | attribute_id, value 17 | FROM {$installer->getTable('sales_order_entity_decimal')} 18 | WHERE 19 | entity_id={$itemId} 20 | AND entity_type_id={$itemEntityId} 21 | 22 | UNION 23 | SELECT 24 | attribute_id, value 25 | 
FROM {$installer->getTable('sales_order_entity_datetime')} 26 | WHERE 27 | entity_id={$itemId} 28 | AND entity_type_id={$itemEntityId}"; 29 | 30 | $message = 'Message: group by detect.'; 31 | -------------------------------------------------------------------------------- /MEQP1/Tests/SQL/SlowQueryUnitTest.php: -------------------------------------------------------------------------------- 1 | 1, 30 | 12 => 1, 31 | 22 => 1, 32 | ]; 33 | } 34 | 35 | /** 36 | * @inheritdoc 37 | */ 38 | public function shouldSkipTest() 39 | { 40 | return true; 41 | } 42 | } 43 | -------------------------------------------------------------------------------- /MEQP1/Tests/Security/AclUnitTest.inc: -------------------------------------------------------------------------------- 1 | isAllowed('system/config/moneybookers'); 8 | } 9 | } 10 | 11 | class Wrong_Phoenix_Moneybookers_MoneybookersController extends Mage_Adminhtml_Controller_Action 12 | { 13 | } 14 | -------------------------------------------------------------------------------- /MEQP1/Tests/Security/AclUnitTest.php: -------------------------------------------------------------------------------- 1 | 1 30 | ]; 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /MEQP1/Tests/Security/DiscouragedFunctionUnitTest.inc: -------------------------------------------------------------------------------- 1 | 'Radiohead']); 101 | 102 | $conn = ifx_connect('mydb@ol_srv1', 'username', 'password'); 103 | ifx_close($conn); 104 | 105 | $src = imagecreatefromgif('php.gif'); 106 | $img = imagecreatetruecolor(80, 40); 107 | 108 | $mbox = imap_open('{localhost:143}INBOX', 'username', 'password'); 109 | 110 | $conn = ingres_connect('mydb', 'username', 'password'); 111 | ingres_close($conn); 112 | 113 | ircg_get_username(1); 114 | 115 | $conn = ldap_connect('ldap.example.com', 398); 116 | 117 | link('source.ext', 'newfile.ext'); 118 | 119 | mail('test@example.com', 'My Subject', 'Text message'); 120 | 
121 | mb_send_mail('test@example.com', 'My Subject', 'Text message'); 122 | 123 | mkdir('/test1/test2', 0777, true); 124 | 125 | move_uploaded_file('name', 'dir_name'); 126 | 127 | msession_connect('host', 'port'); 128 | 129 | msg_send(msg_get_queue(1), 12, 'test', false); 130 | 131 | msql('db', 'query'); 132 | 133 | $conn = msql_connect('host'); 134 | msql_close($conn); 135 | 136 | $conn = mssql_connect('TEST\SERVER', 'username', 'password'); 137 | msql_close($conn); 138 | 139 | $conn = mysql_connect('localhost', 'username', 'password'); 140 | if (!$conn) { 141 | die('Could not connect: ' . mysql_error()); 142 | } 143 | mysql_close($conn); 144 | 145 | $connection = odbc_connect('Driver={SQL Server Native Client 10.0};Server=S;Database=DB;', 'username', 'password'); 146 | 147 | opendir('/etc/php5/'); 148 | 149 | openlog('test', LOG_PID, 1); 150 | 151 | $cursorId = ora_open($conn); 152 | ora_do($cursorId, 'query'); 153 | 154 | $conn = ovrimos_connect('db_host', '8001', 'username', 'password'); 155 | ovrimos_close($conn); 156 | 157 | $iniArray = parse_ini_file('sample.ini', true); 158 | 159 | $str = 'first=value&arr[]=foo+bar&arr[]=baz'; 160 | parse_str($str); 161 | 162 | $url = 'http://username:password@hostname:9090/path?arg=value#anchor'; 163 | parse_url($url, PHP_URL_USER); 164 | 165 | $ops = parsekit_compile_string('echo "Foo\n";', $errors); 166 | 167 | pcntl_alarm(300); 168 | 169 | posix_access('some_file', POSIX_R_OK | POSIX_W_OK); 170 | 171 | pfpro_init(); 172 | pfpro_cleanup(); 173 | 174 | pfsockopen('ssl://www.example.com', 443, $errno, $errstr); 175 | 176 | $conn = pg_connect('dbname=test'); 177 | pg_close($conn); 178 | 179 | php_check_syntax('filename'); 180 | 181 | print_r(['key' => 'value']); 182 | 183 | printf('%d', '17,999'); 184 | 185 | putenv('USER=test'); 186 | 187 | readfile('test.gif'); 188 | 189 | readgzfile('test.html.gz'); 190 | 191 | readline('Command: '); 192 | 193 | readlink('/vmlinuz'); 194 | 195 | register_shutdown_function(function () { 
196 | echo 'Script executed with success', PHP_EOL; 197 | }); 198 | 199 | register_tick_function(function () { 200 | echo 'cript executed with success', PHP_EOL; 201 | }); 202 | 203 | rename('/tmp/tmp_file.txt', '/home/user/login/docs/my_file.txt'); 204 | 205 | rmdir('examples'); 206 | 207 | scandir('/tmp'); 208 | 209 | session_start(); 210 | 211 | set_include_path('/usr/lib/pear'); 212 | 213 | ini_set('display_errors', 1); 214 | 215 | set_time_limit(3); 216 | 217 | setcookie('TestCookie', 'Something from somewhere', time() + 3600); 218 | 219 | setlocale(LC_ALL, 'nl_NL'); 220 | 221 | setrawcookie('TestCookie', 'Something from somewhere', time() + 3600); 222 | 223 | sleep(10); 224 | 225 | socket_connect($socket, $address, $port); 226 | 227 | if ($stream = fopen('http://www.example.com', 'r')) { 228 | echo stream_get_contents($stream, -1, 10); 229 | fclose($stream); 230 | } 231 | 232 | $conn = sybase_connect('SYBASE', '', ''); 233 | sybase_close($conn); 234 | 235 | symlink('uploads.php', 'uploads'); 236 | 237 | syslog(LOG_WARNING, 'Message'); 238 | 239 | touch('some_file.txt', time() - 3600); 240 | 241 | if ($divisor == 0) { 242 | trigger_error('Cannot divide by zero', E_USER_ERROR); 243 | } 244 | 245 | unlink('some_file.txt'); 246 | 247 | vprintf('%04d-%02d-%02d', explode('-', '1988-8-1')); 248 | 249 | mysqli_close($conn); 250 | 251 | $conn = oci_connect('username', 'password', 'localhost'); 252 | 253 | $conn = oci_pconnect('username', 'password', 'localhost'); 254 | 255 | quotemeta('Hello world. 
(can you hear me?)'); 256 | 257 | sqlite_popen('filename'); 258 | 259 | time_nanosleep(0, 500000000); 260 | 261 | base64_decode('VGhpcyBpcyBhbiBlbmNvZGVkIHN0cmluZw=='); 262 | 263 | base_convert('a37334', 16, 2); 264 | 265 | basename('/'); 266 | 267 | chr(27); 268 | 269 | convert_cyr_string('string', 'feom', 'to'); 270 | 271 | dba_nextkey($handle); 272 | 273 | dns_get_record('php.net'); 274 | 275 | $varArray = [ 276 | 'color' => 'blue', 277 | 'size' => 'medium', 278 | 'shape' => 'sphere', 279 | ]; 280 | extract($varArray, EXTR_PREFIX_SAME, 'wddx'); 281 | 282 | $outfdf = fdf_create(); 283 | fdf_set_value($outfdf, 'volume', $volume, 0); 284 | 285 | $file = fopen(__FILE__, 'r'); 286 | $input = fgetc($file); 287 | $line = fgets($file); 288 | $contents = fread($file, 100); 289 | fflush($file); 290 | 291 | $browser = get_browser(null, true); 292 | 293 | get_headers('http://www.example.com'); 294 | 295 | $tags = get_meta_tags('http://www.example.com/'); 296 | 297 | $headers = getallheaders(); 298 | 299 | $ip = getenv('REMOTE_ADDR'); 300 | 301 | $options = getopt('f:hp:'); 302 | 303 | $headersList = headers_list(); 304 | 305 | $decodedText = hebrev('טקסטים מנוקדים'); 306 | 307 | $decodedText = hebrevc('טקסטים מנוקדים'); 308 | 309 | highlight_string('text"; ?>'); 310 | 311 | html_entity_decode('html<span>string</span>&<div>block</div>'); 312 | 313 | ibase_connect('/path/to/employees.gdb', 'username', 'password'); 314 | $blob = ibase_blob_import($file); 315 | 316 | $tag = id3_get_tag('path/to/example.mp3'); 317 | 318 | import_request_variables('gP', 'rvar_'); 319 | 320 | $nickname = ircg_nickname_unescape('nickname'); 321 | 322 | $values = ldap_get_values('ds', 'entry', 'mail'); 323 | 324 | mb_decode_mimeheader($str); 325 | 326 | mb_parse_str('email=kehaovista@qq.com&city=shanghai&job=Phper', $result); 327 | 328 | $ivSize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); 329 | $iv = mcrypt_create_iv($ivSize, MCRYPT_RAND); 330 | mcrypt_decrypt(MCRYPT_RIJNDAEL_256, 
'key', 'text', MCRYPT_MODE_ECB, $iv); 331 | 332 | $td = mcrypt_module_open('des', '', 'ecb', ''); 333 | $cryptedText = mcrypt_generic($td, 'plain text'); 334 | $plainText = mdecrypt_generic($td, $cryptedText); 335 | 336 | $key = msg_get_queue(ftok('/tmp/php_msgqueue.stat', 'R'), 0666 | IPC_CREAT); 337 | msg_receive($key, 1, 1, 16384, 'message', true, 0); 338 | 339 | ngettext('%d window', '%d windows', 21); 340 | 341 | $out = ob_get_contents(); 342 | $out = ob_get_flush(); 343 | 344 | rawurldecode('foo%20bar%40baz'); 345 | 346 | $var = shm_get_var(55, 'key'); 347 | 348 | $string = stripcslashes('He\xallo'); 349 | 350 | $string = stripslashes("Is your name O\'reilly?"); 351 | 352 | $tokens = token_get_all(''); 353 | 354 | $array = unpack('cchars/nint', '\x04\x00\xa0\x00'); 355 | 356 | $decodedText = convert_uudecode("+22!L;W9E(%!(4\"$`\n`"); 357 | 358 | $decodedText = iconv_mime_decode('Subject: =?UTF-8?B?UHLDvGZ1bmcgUHLDvGZ1bmc=?=', 0, 'ISO-8859-1'); 359 | 360 | $headersString = << 365 | Received: from localhost (localhost [127.0.0.1]) by localhost 366 | with SMTP id example for ; 367 | Thu, 1 Jan 1970 00:00:00 +0000 (UTC) 368 | (envelope-from example-return-0000-example=example.com@example.com) 369 | Received: (qmail 0 invoked by uid 65534); 1 Thu 2003 00:00:00 +0000 370 | EOF; 371 | $headers = iconv_mime_decode_headers($headersString, 0, 'ISO-8859-1'); 372 | 373 | $preferences = [ 374 | 'input-charset' => 'ISO-8859-1', 375 | 'output-charset' => 'UTF-8', 376 | 'line-length' => 76, 377 | 'line-break-chars' => "\n", 378 | 'scheme' => 'Q', 379 | ]; 380 | iconv_mime_encode('Subject', 'Prüfung Prüfung', $preferences); 381 | 382 | iconv_set_encoding('internal_encoding', 'UTF-8'); 383 | 384 | php_strip_whitespace(__FILE__); 385 | 386 | $connection = ssh2_connect('shell.example.com', 22); 387 | $auth_methods = ssh2_auth_none($connection, 'user'); 388 | 389 | $lines = file(__FILE__); 390 | $atime = fileatime(__FILE__); 391 | 392 | $message = addcslashes('foo[ ]', 'A..z'); 
393 | 394 | $message = addslashes("Is your name O'Reilly?"); 395 | 396 | $message = escapeshellarg('shell:command:string'); 397 | 398 | $message = escapeshellcmd('shell string'); 399 | 400 | gettype(['a' => 5]); 401 | 402 | var_dump($message); 403 | 404 | tempnam('./tmp/', 'filePrefix'); 405 | 406 | realpath('./../../etc/passwd'); 407 | 408 | linkinfo('/'); 409 | 410 | lstat('./'); 411 | 412 | stat('./'); 413 | 414 | lchgrp('__FILE__', 8); 415 | 416 | lchown('__FILE__', 8); 417 | 418 | show_source(__FILE__); 419 | 420 | is_dir('./'); 421 | 422 | is_executable('./'); 423 | 424 | is_file('./'); 425 | 426 | is_link('./'); 427 | 428 | is_readable('./'); 429 | 430 | is_writable('./'); 431 | 432 | is_writeable('./'); 433 | 434 | is_uploaded_file('uploads.php'); 435 | 436 | glob('*.txt'); 437 | 438 | $size = sizeof($array); 439 | 440 | $check = is_null($size); 441 | 442 | $str = strval($str); 443 | 444 | $int = intval($int); 445 | 446 | $str = chop($text, 'ttt'); 447 | -------------------------------------------------------------------------------- /MEQP1/Tests/Security/DiscouragedFunctionUnitTest.php: -------------------------------------------------------------------------------- 1 | 1, 30 | 5 => 1, 31 | 7 => 1, 32 | 8 => 1, 33 | 10 => 1, 34 | 14 => 1, 35 | 18 => 1, 36 | 20 => 1, 37 | 22 => 1, 38 | 24 => 1, 39 | 26 => 1, 40 | 28 => 1, 41 | 30 => 1, 42 | 32 => 1, 43 | 33 => 1, 44 | 34 => 1, 45 | 35 => 1, 46 | 36 => 1, 47 | 38 => 1, 48 | 40 => 1, 49 | 41 => 1, 50 | 43 => 1, 51 | 44 => 1, 52 | 46 => 1, 53 | 47 => 1, 54 | 48 => 1, 55 | 50 => 1, 56 | 52 => 1, 57 | 54 => 1, 58 | 56 => 1, 59 | 58 => 1, 60 | 59 => 1, 61 | 61 => 1, 62 | 63 => 1, 63 | 65 => 1, 64 | 67 => 1, 65 | 68 => 1, 66 | 70 => 1, 67 | 71 => 1, 68 | 72 => 1, 69 | 74 => 1, 70 | 76 => 1, 71 | 78 => 1, 72 | 79 => 1, 73 | 80 => 1, 74 | 82 => 1, 75 | 83 => 1, 76 | 84 => 1, 77 | 85 => 1, 78 | 87 => 1, 79 | 89 => 1, 80 | 90 => 1, 81 | 91 => 1, 82 | 93 => 1, 83 | 95 => 1, 84 | 97 => 1, 85 | 98 => 1, 86 | 100 => 1, 87 
| 102 => 1, 88 | 103 => 1, 89 | 105 => 1, 90 | 106 => 1, 91 | 108 => 1, 92 | 110 => 1, 93 | 111 => 1, 94 | 113 => 1, 95 | 115 => 1, 96 | 117 => 1, 97 | 119 => 1, 98 | 121 => 1, 99 | 123 => 1, 100 | 125 => 1, 101 | 127 => 1, 102 | 129 => 1, 103 | 131 => 1, 104 | 133 => 1, 105 | 134 => 1, 106 | 136 => 1, 107 | 137 => 1, 108 | 139 => 1, 109 | 141 => 1, 110 | 143 => 1, 111 | 145 => 1, 112 | 147 => 1, 113 | 149 => 1, 114 | 151 => 1, 115 | 152 => 1, 116 | 154 => 1, 117 | 155 => 1, 118 | 157 => 1, 119 | 160 => 1, 120 | 163 => 1, 121 | 165 => 1, 122 | 167 => 1, 123 | 169 => 1, 124 | 171 => 1, 125 | 172 => 1, 126 | 174 => 1, 127 | 176 => 1, 128 | 177 => 1, 129 | 179 => 1, 130 | 181 => 1, 131 | 183 => 1, 132 | 185 => 1, 133 | 187 => 1, 134 | 189 => 1, 135 | 191 => 1, 136 | 193 => 1, 137 | 195 => 1, 138 | 199 => 1, 139 | 203 => 1, 140 | 205 => 1, 141 | 207 => 1, 142 | 209 => 1, 143 | 211 => 1, 144 | 213 => 1, 145 | 215 => 1, 146 | 217 => 1, 147 | 219 => 1, 148 | 221 => 1, 149 | 223 => 1, 150 | 225 => 1, 151 | 227 => 1, 152 | 228 => 1, 153 | 229 => 1, 154 | 232 => 1, 155 | 233 => 1, 156 | 235 => 1, 157 | 237 => 1, 158 | 239 => 1, 159 | 242 => 1, 160 | 245 => 1, 161 | 247 => 1, 162 | 249 => 1, 163 | 251 => 1, 164 | 253 => 1, 165 | 255 => 1, 166 | 257 => 1, 167 | 259 => 1, 168 | 261 => 1, 169 | 263 => 1, 170 | 265 => 1, 171 | 267 => 1, 172 | 269 => 1, 173 | 271 => 1, 174 | 273 => 1, 175 | 280 => 1, 176 | 282 => 1, 177 | 283 => 1, 178 | 285 => 1, 179 | 286 => 1, 180 | 287 => 1, 181 | 288 => 1, 182 | 289 => 1, 183 | 291 => 1, 184 | 293 => 1, 185 | 295 => 1, 186 | 297 => 1, 187 | 299 => 1, 188 | 301 => 1, 189 | 303 => 1, 190 | 305 => 1, 191 | 307 => 1, 192 | 309 => 1, 193 | 311 => 1, 194 | 313 => 1, 195 | 314 => 1, 196 | 316 => 1, 197 | 318 => 1, 198 | 322 => 1, 199 | 320 => 1, 200 | 324 => 1, 201 | 326 => 1, 202 | 330 => 1, 203 | 334 => 1, 204 | 337 => 1, 205 | 339 => 1, 206 | 341 => 1, 207 | 342 => 1, 208 | 344 => 1, 209 | 346 => 1, 210 | 348 => 1, 211 | 350 => 1, 212 | 352 => 1, 
213 | 354 => 1, 214 | 356 => 1, 215 | 358 => 1, 216 | 371 => 1, 217 | 380 => 1, 218 | 382 => 1, 219 | 384 => 1, 220 | 386 => 1, 221 | 387 => 1, 222 | 389 => 1, 223 | 390 => 1, 224 | 392 => 1, 225 | 394 => 1, 226 | 396 => 1, 227 | 398 => 1, 228 | 400 => 1, 229 | 402 => 1, 230 | 404 => 1, 231 | 406 => 1, 232 | 408 => 1, 233 | 410 => 1, 234 | 412 => 1, 235 | 414 => 1, 236 | 416 => 1, 237 | 418 => 1, 238 | 420 => 1, 239 | 422 => 1, 240 | 424 => 1, 241 | 426 => 1, 242 | 428 => 1, 243 | 430 => 1, 244 | 432 => 1, 245 | 434 => 1, 246 | 436 => 1, 247 | 438 => 1, 248 | 440 => 1, 249 | 442 => 1, 250 | 444 => 1, 251 | 446 => 1, 252 | ]; 253 | } 254 | } 255 | -------------------------------------------------------------------------------- /MEQP1/Tests/Security/IncludeFileUnitTest.inc: -------------------------------------------------------------------------------- 1 | 1, 30 | 4 => 1, 31 | 6 => 1, 32 | 7 => 1, 33 | 9 => 1, 34 | 10 => 1, 35 | 12 => 1, 36 | 13 => 1, 37 | 15 => 1, 38 | 17 => 1, 39 | 23 => 1, 40 | 24 => 1, 41 | 28 => 1, 42 | 34 => 1, 43 | ]; 44 | } 45 | } 46 | -------------------------------------------------------------------------------- /MEQP1/Tests/Security/InsecureFunctionUnitTest.inc: -------------------------------------------------------------------------------- 1 | ['pipe', 'r']], $pipes, '/tmp', ['some_option' => 'test']); 14 | 15 | shell_exec('ls -l'); 16 | 17 | system('ls', $retval); 18 | 19 | md5($text); 20 | 21 | unserialize(''); 22 | 23 | serialize([]); 24 | 25 | pcntl_exec('path/goes/here'); 26 | 27 | srand(); 28 | 29 | mt_srand(); 30 | 31 | mt_rand(); 32 | -------------------------------------------------------------------------------- /MEQP1/Tests/Security/InsecureFunctionUnitTest.php: -------------------------------------------------------------------------------- 1 | 1, 22 | 5 => 1, 23 | 7 => 1, 24 | 9 => 1, 25 | 11 => 1, 26 | 13 => 1, 27 | 15 => 1, 28 | 17 => 1, 29 | 19 => 1, 30 | 21 => 1, 31 | 23 => 1, 32 | 25 => 1, 33 | 27 => 1, 34 | 29 => 1, 
35 | 31 => 1, 36 | ]; 37 | } 38 | 39 | /** 40 | * @inheritdoc 41 | */ 42 | public function getWarningList() 43 | { 44 | return []; 45 | } 46 | } 47 | -------------------------------------------------------------------------------- /MEQP1/Tests/Security/LanguageConstructUnitTest.inc: -------------------------------------------------------------------------------- 1 | 1, 22 | 8 => 1, 23 | 10 => 1, 24 | 14 => 1, 25 | 15 => 1, 26 | ]; 27 | } 28 | 29 | /** 30 | * @inheritdoc 31 | */ 32 | public function getWarningList() 33 | { 34 | return []; 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /MEQP1/Tests/Security/SuperglobalUnitTest.inc: -------------------------------------------------------------------------------- 1 | _get; 15 | $d = $GLOBALS; 16 | $e = $_SERVER; 17 | $f = $_POST; 18 | $g = $_FILES['upload']; 19 | $h = $_COOKIE['sid']; 20 | $_SESSION = null; 21 | unset($_REQUEST); 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /MEQP1/Tests/Security/SuperglobalUnitTest.php: -------------------------------------------------------------------------------- 1 | 1, 22 | 15 => 1, 23 | 17 => 1, 24 | 20 => 1, 25 | 21 => 1, 26 | ]; 27 | } 28 | 29 | /** 30 | * @inheritdoc 31 | */ 32 | public function getWarningList() 33 | { 34 | return [ 35 | 16 => 1, 36 | 18 => 1, 37 | 19 => 1, 38 | ]; 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /MEQP1/Tests/Stdlib/DateTimeUnitTest.inc: -------------------------------------------------------------------------------- 1 | 1, 30 | 4 => 1, 31 | 5 => 1, 32 | 7 => 1, 33 | 8 => 1, 34 | 9 => 1, 35 | 10 => 1, 36 | 11 => 1, 37 | 12 => 1, 38 | 13 => 1, 39 | ]; 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /MEQP1/Tests/Strings/RegExUnitTest.inc: -------------------------------------------------------------------------------- 1 | (.*?))sex', '"" . 
strtoupper("$2") . ""', $html); 17 | 18 | $a = preg_replace( 19 | '#(.*?)#e', 20 | '"" . strtoupper("$2") . ""', 21 | $html 22 | ); 23 | 24 | $string = 'April 15, 2003'; 25 | $replacement = '${1}1,$3'; 26 | $b = preg_replace('/(\w+) (\d+), (\d+)/i', $replacement, $string); 27 | -------------------------------------------------------------------------------- /MEQP1/Tests/Strings/RegExUnitTest.php: -------------------------------------------------------------------------------- 1 | 1, 22 | 10 => 1, 23 | 16 => 1, 24 | 18 => 1, 25 | ]; 26 | } 27 | 28 | /** 29 | * @inheritdoc 30 | */ 31 | public function getWarningList() 32 | { 33 | return []; 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /MEQP1/Tests/Strings/StringConcatUnitTest.inc: -------------------------------------------------------------------------------- 1 | 1, 30 | 4 => 1, 31 | 6 => 1, 32 | 10 => 1, 33 | 11 => 1, 34 | 15 => 1, 35 | ]; 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /MEQP1/Tests/Strings/StringPositionUnitTest.inc: -------------------------------------------------------------------------------- 1 | getId() === 'store_id' || $column->getId() === 'status') && $column->getFilter()->getValue() 93 | && (strpos($column->getFilter()->getValue(), ',') !== false)) { 94 | // 95 | } 96 | 97 | if (($column->getId() === 'store_id' || $column->getId() === 'status') && $column->getFilter()->getValue() 98 | && (strpos($column->getFilter()->getValue(), ',') != false)) { 99 | // 100 | } 101 | -------------------------------------------------------------------------------- /MEQP1/Tests/Strings/StringPositionUnitTest.php: -------------------------------------------------------------------------------- 1 | 1, 22 | 8 => 1, 23 | 12 => 1, 24 | 16 => 1, 25 | 20 => 1, 26 | 24 => 1, 27 | 32 => 1, 28 | 40 => 1, 29 | 44 => 1, 30 | 72 => 1, 31 | 76 => 1, 32 | 80 => 2, 33 | 85 => 1, 34 | 87 => 1, 35 | 98 => 1, 36 | ]; 37 
| } 38 | 39 | /** 40 | * @inheritdoc 41 | */ 42 | public function getWarningList() 43 | { 44 | return []; 45 | } 46 | } 47 | -------------------------------------------------------------------------------- /MEQP1/Tests/Templates/XssTemplateUnitTest.inc: -------------------------------------------------------------------------------- 1 | 2 | 3 | getSomeData(); echo $block->getSomeData(); echo $block->getSomeData();?> 4 | getTitle();?> 5 | getSomeMethod($block->getId());?> 6 | 7 | escapeUrl($var) . $var . 'bla';?> 8 | 9 | 10 | 11 | 12 | escapeHtml() . 13 | $var . 14 | $block->getSomeData(); 15 | ?> 16 | quoteEscape($data['parentSymbol']) . '\''; ?> 17 | quoteEscape($data['parentSymbol']) . "\""; ?> 18 | escapeQuote($data['parentSymbol']) . '\''; ?> 19 | escapeQuote($data['parentSymbol']) . "\""; ?> 20 | 21 | getExtendedElement($switchAttributeCode)->print() : 5; ?> 22 | 5 ? ($tt . $var ? 1 : 2 ? $block->getId($id)->print() : count($tt)) : 5; ?> 23 | 24 | 28 | escapeUrl( $block->my_funct() . $var) : (false) ? sizeof ($var) :'bla bla'); ?> 29 | 30 | escapeQuote($data['parentSymbol']) . '\''; ?> 31 | 32 | 33 | 34 | 35 | 36 | " /> 37 | echo $var; 38 | getId("bla bla") ?> 39 | stripTags("bla bla") ?> 40 | quoteEscape("bla bla"); ?> 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | htmlEscape(); ?> 51 | 52 | escapeHtml() . 53 | (bool)$var . 54 | htmlspecialchars("bla bla"); 55 | ?> 56 | getExtendedElement($switchAttributeCode)->getId(); ?> 57 | escapeHtml($_filter->getFilter()->getClearLinkText()) ?> 58 | default) ? 
$block->escapeHtml(__('Yes')) : $block->escapeHtml(__('No')); ?> 59 | getExtendedElement($switchAttributeCode)->getId() : 5; ?> 60 | 61 | 62 | displayPrices($tax['base_row_amount'], $tax['row_amount']); ?> 63 | -------------------------------------------------------------------------------- /MEQP1/Tests/Templates/XssTemplateUnitTest.php: -------------------------------------------------------------------------------- 1 | 2, 30 | 4 => 1, 31 | 5 => 1, 32 | 6 => 1, 33 | 7 => 1, 34 | 8 => 1, 35 | 9 => 1, 36 | 10 => 1, 37 | 13 => 1, 38 | 14 => 1, 39 | 16 => 1, 40 | 17 => 1, 41 | 18 => 2, 42 | 19 => 2, 43 | 20 => 2, 44 | 21 => 1, 45 | 22 => 1, 46 | 23 => 1, 47 | 24 => 1, 48 | 28 => 2, 49 | 29 => 1, 50 | 30 => 2, 51 | ]; 52 | } 53 | } 54 | -------------------------------------------------------------------------------- /MEQP1/ruleset.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | Magento EQP Coding Standard 4 | 5 | 6 | 7 | ^lib/* 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | *.phtml 18 | 19 | 20 | 21 | 10 22 | 23 | 24 | 10 25 | 26 | 27 | 10 28 | 29 | 30 | 10 31 | *.phtml 32 | 33 | 34 | 10 35 | 36 | 37 | 10 38 | error 39 | 40 | 41 | 10 42 | error 43 | 44 | 45 | 10 46 | error 47 | *.phtml 48 | 49 | 50 | 8 51 | warning 52 | 53 | 54 | 8 55 | 56 | 57 | 8 58 | 59 | 60 | 8 61 | warning 62 | 63 | 64 | 8 65 | 66 | 67 | 8 68 | warning 69 | 70 | 71 | 8 72 | 73 | 74 | 8 75 | 76 | 77 | 8 78 | 79 | 80 | 8 81 | warning 82 | 83 | 84 | 6 85 | 86 | 87 | 6 88 | 89 | 90 | 6 91 | 92 | 93 | 6 94 | 95 | 96 | 6 97 | 98 | 99 | 6 100 | 101 | 102 | 6 103 | warning 104 | 105 | 106 | 6 107 | warning 108 | 109 | 110 | 6 111 | 112 | 113 | 6 114 | 115 | 116 | 6 117 | warning 118 | 119 | 120 | 6 121 | warning 122 | 123 | 124 | 6 125 | warning 126 | 127 | 128 | 6 129 | 130 | 131 | 6 132 | warning 133 | 134 | 135 | 6 136 | warning 137 | 138 | 139 | 6 140 | warning 141 | 142 | 143 | 6 144 | warning 145 | 146 | 147 | 6 148 | warning 149 | 150 | 151 | 6 152 
| warning 153 | 154 | 155 | 0 156 | warning 157 | 158 | 159 | 6 160 | warning 161 | 162 | 163 | 6 164 | warning 165 | 166 | 167 | 6 168 | warning 169 | 170 | 171 | 6 172 | warning 173 | 174 | 175 | 6 176 | warning 177 | 178 | 179 | 6 180 | warning 181 | 182 | 183 | 6 184 | warning 185 | 186 | 187 | 6 188 | warning 189 | 190 | 191 | 6 192 | warning 193 | 194 | 195 | 6 196 | warning 197 | 198 | 199 | 6 200 | warning 201 | 202 | 203 | 6 204 | warning 205 | 206 | 207 | 6 208 | warning 209 | 210 | 211 | 6 212 | warning 213 | 214 | 215 | 6 216 | warning 217 | 218 | 219 | 6 220 | warning 221 | 222 | 223 | 6 224 | warning 225 | 226 | 227 | 6 228 | warning 229 | 230 | 231 | 6 232 | warning 233 | 234 | 235 | 6 236 | warning 237 | 238 | 239 | 6 240 | warning 241 | 242 | 243 | 6 244 | warning 245 | 246 | 247 | 6 248 | warning 249 | 250 | 251 | 6 252 | warning 253 | 254 | 255 | 6 256 | warning 257 | 258 | 259 | 6 260 | warning 261 | 262 | 263 | 6 264 | warning 265 | 266 | 267 | 6 268 | warning 269 | 270 | 271 | 6 272 | warning 273 | 274 | 275 | 6 276 | warning 277 | 278 | 279 | 6 280 | warning 281 | 282 | 283 | 6 284 | warning 285 | 286 | 287 | 6 288 | warning 289 | 290 | 291 | 6 292 | warning 293 | 294 | 295 | 6 296 | warning 297 | 298 | 299 | 6 300 | warning 301 | 302 | 303 | 6 304 | warning 305 | 306 | 307 | 6 308 | warning 309 | 310 | 311 | 6 312 | warning 313 | 314 | 315 | 6 316 | warning 317 | 318 | 319 | 6 320 | warning 321 | 322 | 323 | 6 324 | warning 325 | 326 | 327 | 6 328 | warning 329 | 330 | 331 | 6 332 | warning 333 | 334 | 335 | 6 336 | warning 337 | 338 | 339 | 6 340 | warning 341 | 342 | 343 | 6 344 | warning 345 | 346 | 347 | 6 348 | warning 349 | 350 | 351 | 6 352 | 353 | 354 | 6 355 | 356 | 357 | 6 358 | warning 359 | 360 | 361 | 6 362 | warning 363 | 364 | 365 | 6 366 | warning 367 | 368 | 369 | 6 370 | warning 371 | 372 | 373 | 6 374 | warning 375 | 376 | 377 | 6 378 | warning 379 | 380 | 381 | 6 382 | warning 383 | 384 | 385 | 6 386 | 387 | 388 | 6 389 | 
390 | 391 | 6 392 | warning 393 | 394 | 395 | 6 396 | warning 397 | 398 | 399 | 6 400 | warning 401 | 402 | 403 | 6 404 | warning 405 | 406 | 407 | 6 408 | 409 | 410 | 6 411 | warning 412 | 413 | 414 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Magento Extension Quality Program Coding Standard 2 | 3 | ### :warning: Versions 3.0.0 and above of the MEQP Coding Standard are for Magento 1.x code only. 4 | To check Magento 2.x code use [Consolidated Magento Coding Standard](https://github.com/magento/magento-coding-standard). 5 | 6 | [![Build Status](https://travis-ci.org/magento/marketplace-eqp.svg?branch=master)](https://travis-ci.org/magento/marketplace-eqp) 7 | 8 | Magento EQP Coding Standard is a set of rules and sniffs for [PHP_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer) tool. 9 | 10 | It allows automatically check your code against some of the common Magento and PHP coding issues, like: 11 | - raw SQL queries; 12 | - SQL queries inside a loop; 13 | - direct class instantiation; 14 | - unnecessary collection loading; 15 | - excessive code complexity; 16 | - use of dangerous functions; 17 | - use of PHP superglobals; 18 | - code style issues and many others. 19 | 20 | **Magento Extension Quality Program Coding Standard** consists of one ruleset - MEQP1 for Magento 1.x. 21 | 22 | ## Installation 23 | 24 | Install all dependencies via [Composer](https://getcomposer.org): 25 | ```sh 26 | $ composer create-project --repository=https://repo.magento.com magento/marketplace-eqp magento-coding-standard 27 | ``` 28 | You’re required to authenticate; see [Get your authentication keys](http://devdocs.magento.com/guides/v2.0/install-gde/prereq/connect-auth.html) for details. 29 | 30 | ## Usage 31 | ```sh 32 | $ cd magento-coding-standard 33 | ``` 34 | Select the standard to run with PHP_CodeSniffer. 
To check a Magento extension, run: 35 | ```sh 36 | $ vendor/bin/phpcs /path/to/your/extension --standard=MEQP1 37 | ``` 38 | By default, PHP_CodeSniffer will check any file it finds with a `.inc`, `.php`, `.js` or `.css` extension. To check design templates, you can specify the `--extensions=php,phtml` option. 39 | 40 | To check syntax with a specific PHP version, set the paths to the php binary dir: 41 | ```sh 42 | $ vendor/bin/phpcs --config-set php7.0_path /path/to/your/php7 43 | $ vendor/bin/phpcs --config-set php5.4_path /path/to/your/php5.4 44 | ``` 45 | ## Fixing Errors Automatically 46 | 47 | PHP_CodeSniffer offers the PHP Code Beautifier and Fixer (`phpcbf`) tool. It can be used in place of `phpcs` to automatically generate and fix all fixable issues. We highly recommend running the following command to fix as many sniff violations as possible: 48 | ```sh 49 | $ vendor/bin/phpcbf /path/to/your/extension --standard=MEQP1 50 | ``` 51 | ## Marketplace Technical Review 52 | To make sure your extension will pass the CodeSniffer checks of the Magento Marketplace Technical Review, you can run the `phpcs` command with the `--severity=10` option. This option hides findings below severity 10, so also run `phpcs` without it to review the lower-severity warnings. 53 | ```sh 54 | $ vendor/bin/phpcs /path/to/your/extension --standard=MEQP1 --severity=10 --extensions=php,phtml 55 | ``` 56 | **All severity 10 errors must be fixed in order to successfully pass Level 1 CodeSniffer checks.** 57 | 58 | ## Requirements 59 | 60 | * PHP >=5.5.0 61 | * [Composer](https://getcomposer.org) 62 | * [PHP_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer) 3.* 63 | 64 | > Notice: PHP and Composer should be accessible globally. 65 | 66 | ## Contribution 67 | 68 | Please feel free to contribute new sniffs or any fixes or improvements for the existing ones. 
69 | -------------------------------------------------------------------------------- /composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "magento/marketplace-eqp", 3 | "version": "4.0.0", 4 | "description": "A set of PHP_CodeSniffer rules and sniffs.", 5 | "license": "MIT", 6 | "type": "phpcodesniffer-standard", 7 | "require": { 8 | "php": ">=5.5.0", 9 | "squizlabs/php_codesniffer": "3.*" 10 | }, 11 | "require-dev": { 12 | "phpunit/phpunit": "4.1.0" 13 | }, 14 | "scripts": { 15 | "post-install-cmd": "\"vendor/bin/phpcs\" --config-set installed_paths ../../..", 16 | "post-update-cmd": "\"vendor/bin/phpcs\" --config-set installed_paths ../../.." 17 | }, 18 | "autoload": { 19 | "psr-4": { 20 | "MEQP\\": "MEQP/", 21 | "MEQP1\\": "MEQP1/" 22 | } 23 | } 24 | } 25 | -------------------------------------------------------------------------------- /composer.lock: -------------------------------------------------------------------------------- 1 | { 2 | "_readme": [ 3 | "This file locks the dependencies of your project to a known state", 4 | "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", 5 | "This file is @generated automatically" 6 | ], 7 | "content-hash": "1d41aac4bb635b189ebf97f00e105edf", 8 | "packages": [ 9 | { 10 | "name": "squizlabs/php_codesniffer", 11 | "version": "3.1.0", 12 | "source": { 13 | "type": "git", 14 | "url": "https://github.com/squizlabs/PHP_CodeSniffer.git", 15 | "reference": "3c2d0a0fe39684ba0c1eb842a6a775d0b938d699" 16 | }, 17 | "dist": { 18 | "type": "zip", 19 | "url": "https://api.github.com/repos/squizlabs/PHP_CodeSniffer/zipball/3c2d0a0fe39684ba0c1eb842a6a775d0b938d699", 20 | "reference": "3c2d0a0fe39684ba0c1eb842a6a775d0b938d699", 21 | "shasum": "" 22 | }, 23 | "require": { 24 | "ext-simplexml": "*", 25 | "ext-tokenizer": "*", 26 | "ext-xmlwriter": "*", 27 | "php": ">=5.4.0" 28 | }, 29 | "require-dev": { 30 | "phpunit/phpunit": "^4.0 
|| ^5.0 || ^6.0" 31 | }, 32 | "bin": [ 33 | "bin/phpcs", 34 | "bin/phpcbf" 35 | ], 36 | "type": "library", 37 | "extra": { 38 | "branch-alias": { 39 | "dev-master": "3.x-dev" 40 | } 41 | }, 42 | "notification-url": "https://packagist.org/downloads/", 43 | "license": [ 44 | "BSD-3-Clause" 45 | ], 46 | "authors": [ 47 | { 48 | "name": "Greg Sherwood", 49 | "role": "lead" 50 | } 51 | ], 52 | "description": "PHP_CodeSniffer tokenizes PHP, JavaScript and CSS files and detects violations of a defined set of coding standards.", 53 | "homepage": "http://www.squizlabs.com/php-codesniffer", 54 | "keywords": [ 55 | "phpcs", 56 | "standards" 57 | ], 58 | "time": "2017-09-19T22:47:14+00:00" 59 | } 60 | ], 61 | "packages-dev": [ 62 | { 63 | "name": "doctrine/instantiator", 64 | "version": "1.0.5", 65 | "source": { 66 | "type": "git", 67 | "url": "https://github.com/doctrine/instantiator.git", 68 | "reference": "8e884e78f9f0eb1329e445619e04456e64d8051d" 69 | }, 70 | "dist": { 71 | "type": "zip", 72 | "url": "https://api.github.com/repos/doctrine/instantiator/zipball/8e884e78f9f0eb1329e445619e04456e64d8051d", 73 | "reference": "8e884e78f9f0eb1329e445619e04456e64d8051d", 74 | "shasum": "" 75 | }, 76 | "require": { 77 | "php": ">=5.3,<8.0-DEV" 78 | }, 79 | "require-dev": { 80 | "athletic/athletic": "~0.1.8", 81 | "ext-pdo": "*", 82 | "ext-phar": "*", 83 | "phpunit/phpunit": "~4.0", 84 | "squizlabs/php_codesniffer": "~2.0" 85 | }, 86 | "type": "library", 87 | "extra": { 88 | "branch-alias": { 89 | "dev-master": "1.0.x-dev" 90 | } 91 | }, 92 | "autoload": { 93 | "psr-4": { 94 | "Doctrine\\Instantiator\\": "src/Doctrine/Instantiator/" 95 | } 96 | }, 97 | "notification-url": "https://packagist.org/downloads/", 98 | "license": [ 99 | "MIT" 100 | ], 101 | "authors": [ 102 | { 103 | "name": "Marco Pivetta", 104 | "email": "ocramius@gmail.com", 105 | "homepage": "http://ocramius.github.com/" 106 | } 107 | ], 108 | "description": "A small, lightweight utility to instantiate objects in PHP 
without invoking their constructors", 109 | "homepage": "https://github.com/doctrine/instantiator", 110 | "keywords": [ 111 | "constructor", 112 | "instantiate" 113 | ], 114 | "time": "2015-06-14T21:17:01+00:00" 115 | }, 116 | { 117 | "name": "phpunit/php-code-coverage", 118 | "version": "2.2.4", 119 | "source": { 120 | "type": "git", 121 | "url": "https://github.com/sebastianbergmann/php-code-coverage.git", 122 | "reference": "eabf68b476ac7d0f73793aada060f1c1a9bf8979" 123 | }, 124 | "dist": { 125 | "type": "zip", 126 | "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/eabf68b476ac7d0f73793aada060f1c1a9bf8979", 127 | "reference": "eabf68b476ac7d0f73793aada060f1c1a9bf8979", 128 | "shasum": "" 129 | }, 130 | "require": { 131 | "php": ">=5.3.3", 132 | "phpunit/php-file-iterator": "~1.3", 133 | "phpunit/php-text-template": "~1.2", 134 | "phpunit/php-token-stream": "~1.3", 135 | "sebastian/environment": "^1.3.2", 136 | "sebastian/version": "~1.0" 137 | }, 138 | "require-dev": { 139 | "ext-xdebug": ">=2.1.4", 140 | "phpunit/phpunit": "~4" 141 | }, 142 | "suggest": { 143 | "ext-dom": "*", 144 | "ext-xdebug": ">=2.2.1", 145 | "ext-xmlwriter": "*" 146 | }, 147 | "type": "library", 148 | "extra": { 149 | "branch-alias": { 150 | "dev-master": "2.2.x-dev" 151 | } 152 | }, 153 | "autoload": { 154 | "classmap": [ 155 | "src/" 156 | ] 157 | }, 158 | "notification-url": "https://packagist.org/downloads/", 159 | "license": [ 160 | "BSD-3-Clause" 161 | ], 162 | "authors": [ 163 | { 164 | "name": "Sebastian Bergmann", 165 | "email": "sb@sebastian-bergmann.de", 166 | "role": "lead" 167 | } 168 | ], 169 | "description": "Library that provides collection, processing, and rendering functionality for PHP code coverage information.", 170 | "homepage": "https://github.com/sebastianbergmann/php-code-coverage", 171 | "keywords": [ 172 | "coverage", 173 | "testing", 174 | "xunit" 175 | ], 176 | "time": "2015-10-06T15:47:00+00:00" 177 | }, 178 | { 179 | "name": 
"phpunit/php-file-iterator", 180 | "version": "1.3.4", 181 | "source": { 182 | "type": "git", 183 | "url": "https://github.com/sebastianbergmann/php-file-iterator.git", 184 | "reference": "acd690379117b042d1c8af1fafd61bde001bf6bb" 185 | }, 186 | "dist": { 187 | "type": "zip", 188 | "url": "https://api.github.com/repos/sebastianbergmann/php-file-iterator/zipball/acd690379117b042d1c8af1fafd61bde001bf6bb", 189 | "reference": "acd690379117b042d1c8af1fafd61bde001bf6bb", 190 | "shasum": "" 191 | }, 192 | "require": { 193 | "php": ">=5.3.3" 194 | }, 195 | "type": "library", 196 | "autoload": { 197 | "classmap": [ 198 | "File/" 199 | ] 200 | }, 201 | "notification-url": "https://packagist.org/downloads/", 202 | "include-path": [ 203 | "" 204 | ], 205 | "license": [ 206 | "BSD-3-Clause" 207 | ], 208 | "authors": [ 209 | { 210 | "name": "Sebastian Bergmann", 211 | "email": "sb@sebastian-bergmann.de", 212 | "role": "lead" 213 | } 214 | ], 215 | "description": "FilterIterator implementation that filters files based on a list of suffixes.", 216 | "homepage": "https://github.com/sebastianbergmann/php-file-iterator/", 217 | "keywords": [ 218 | "filesystem", 219 | "iterator" 220 | ], 221 | "time": "2013-10-10T15:34:57+00:00" 222 | }, 223 | { 224 | "name": "phpunit/php-text-template", 225 | "version": "1.2.1", 226 | "source": { 227 | "type": "git", 228 | "url": "https://github.com/sebastianbergmann/php-text-template.git", 229 | "reference": "31f8b717e51d9a2afca6c9f046f5d69fc27c8686" 230 | }, 231 | "dist": { 232 | "type": "zip", 233 | "url": "https://api.github.com/repos/sebastianbergmann/php-text-template/zipball/31f8b717e51d9a2afca6c9f046f5d69fc27c8686", 234 | "reference": "31f8b717e51d9a2afca6c9f046f5d69fc27c8686", 235 | "shasum": "" 236 | }, 237 | "require": { 238 | "php": ">=5.3.3" 239 | }, 240 | "type": "library", 241 | "autoload": { 242 | "classmap": [ 243 | "src/" 244 | ] 245 | }, 246 | "notification-url": "https://packagist.org/downloads/", 247 | "license": [ 248 | 
"BSD-3-Clause" 249 | ], 250 | "authors": [ 251 | { 252 | "name": "Sebastian Bergmann", 253 | "email": "sebastian@phpunit.de", 254 | "role": "lead" 255 | } 256 | ], 257 | "description": "Simple template engine.", 258 | "homepage": "https://github.com/sebastianbergmann/php-text-template/", 259 | "keywords": [ 260 | "template" 261 | ], 262 | "time": "2015-06-21T13:50:34+00:00" 263 | }, 264 | { 265 | "name": "phpunit/php-timer", 266 | "version": "1.0.9", 267 | "source": { 268 | "type": "git", 269 | "url": "https://github.com/sebastianbergmann/php-timer.git", 270 | "reference": "3dcf38ca72b158baf0bc245e9184d3fdffa9c46f" 271 | }, 272 | "dist": { 273 | "type": "zip", 274 | "url": "https://api.github.com/repos/sebastianbergmann/php-timer/zipball/3dcf38ca72b158baf0bc245e9184d3fdffa9c46f", 275 | "reference": "3dcf38ca72b158baf0bc245e9184d3fdffa9c46f", 276 | "shasum": "" 277 | }, 278 | "require": { 279 | "php": "^5.3.3 || ^7.0" 280 | }, 281 | "require-dev": { 282 | "phpunit/phpunit": "^4.8.35 || ^5.7 || ^6.0" 283 | }, 284 | "type": "library", 285 | "extra": { 286 | "branch-alias": { 287 | "dev-master": "1.0-dev" 288 | } 289 | }, 290 | "autoload": { 291 | "classmap": [ 292 | "src/" 293 | ] 294 | }, 295 | "notification-url": "https://packagist.org/downloads/", 296 | "license": [ 297 | "BSD-3-Clause" 298 | ], 299 | "authors": [ 300 | { 301 | "name": "Sebastian Bergmann", 302 | "email": "sb@sebastian-bergmann.de", 303 | "role": "lead" 304 | } 305 | ], 306 | "description": "Utility class for timing", 307 | "homepage": "https://github.com/sebastianbergmann/php-timer/", 308 | "keywords": [ 309 | "timer" 310 | ], 311 | "time": "2017-02-26T11:10:40+00:00" 312 | }, 313 | { 314 | "name": "phpunit/php-token-stream", 315 | "version": "1.4.11", 316 | "source": { 317 | "type": "git", 318 | "url": "https://github.com/sebastianbergmann/php-token-stream.git", 319 | "reference": "e03f8f67534427a787e21a385a67ec3ca6978ea7" 320 | }, 321 | "dist": { 322 | "type": "zip", 323 | "url": 
"https://api.github.com/repos/sebastianbergmann/php-token-stream/zipball/e03f8f67534427a787e21a385a67ec3ca6978ea7", 324 | "reference": "e03f8f67534427a787e21a385a67ec3ca6978ea7", 325 | "shasum": "" 326 | }, 327 | "require": { 328 | "ext-tokenizer": "*", 329 | "php": ">=5.3.3" 330 | }, 331 | "require-dev": { 332 | "phpunit/phpunit": "~4.2" 333 | }, 334 | "type": "library", 335 | "extra": { 336 | "branch-alias": { 337 | "dev-master": "1.4-dev" 338 | } 339 | }, 340 | "autoload": { 341 | "classmap": [ 342 | "src/" 343 | ] 344 | }, 345 | "notification-url": "https://packagist.org/downloads/", 346 | "license": [ 347 | "BSD-3-Clause" 348 | ], 349 | "authors": [ 350 | { 351 | "name": "Sebastian Bergmann", 352 | "email": "sebastian@phpunit.de" 353 | } 354 | ], 355 | "description": "Wrapper around PHP's tokenizer extension.", 356 | "homepage": "https://github.com/sebastianbergmann/php-token-stream/", 357 | "keywords": [ 358 | "tokenizer" 359 | ], 360 | "time": "2017-02-27T10:12:30+00:00" 361 | }, 362 | { 363 | "name": "phpunit/phpunit", 364 | "version": "4.1.0", 365 | "source": { 366 | "type": "git", 367 | "url": "https://github.com/sebastianbergmann/phpunit.git", 368 | "reference": "efb1b1334605594417a3bd466477772d06d460a8" 369 | }, 370 | "dist": { 371 | "type": "zip", 372 | "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/efb1b1334605594417a3bd466477772d06d460a8", 373 | "reference": "efb1b1334605594417a3bd466477772d06d460a8", 374 | "shasum": "" 375 | }, 376 | "require": { 377 | "ext-dom": "*", 378 | "ext-json": "*", 379 | "ext-pcre": "*", 380 | "ext-reflection": "*", 381 | "ext-spl": "*", 382 | "php": ">=5.3.3", 383 | "phpunit/php-code-coverage": "~2.0", 384 | "phpunit/php-file-iterator": "~1.3.1", 385 | "phpunit/php-text-template": "~1.2", 386 | "phpunit/php-timer": "~1.0.2", 387 | "phpunit/phpunit-mock-objects": "~2.1", 388 | "sebastian/comparator": "~1.0", 389 | "sebastian/diff": "~1.1", 390 | "sebastian/environment": "~1.0", 391 | 
"sebastian/exporter": "~1.0", 392 | "sebastian/version": "~1.0", 393 | "symfony/yaml": "~2.0" 394 | }, 395 | "suggest": { 396 | "phpunit/php-invoker": "~1.1" 397 | }, 398 | "bin": [ 399 | "phpunit" 400 | ], 401 | "type": "library", 402 | "extra": { 403 | "branch-alias": { 404 | "dev-master": "4.1.x-dev" 405 | } 406 | }, 407 | "autoload": { 408 | "classmap": [ 409 | "src/" 410 | ] 411 | }, 412 | "notification-url": "https://packagist.org/downloads/", 413 | "include-path": [ 414 | "", 415 | "../../symfony/yaml/" 416 | ], 417 | "license": [ 418 | "BSD-3-Clause" 419 | ], 420 | "authors": [ 421 | { 422 | "name": "Sebastian Bergmann", 423 | "email": "sebastian@phpunit.de", 424 | "role": "lead" 425 | } 426 | ], 427 | "description": "The PHP Unit Testing framework.", 428 | "homepage": "http://www.phpunit.de/", 429 | "keywords": [ 430 | "phpunit", 431 | "testing", 432 | "xunit" 433 | ], 434 | "time": "2014-05-02T07:13:40+00:00" 435 | }, 436 | { 437 | "name": "phpunit/phpunit-mock-objects", 438 | "version": "2.3.8", 439 | "source": { 440 | "type": "git", 441 | "url": "https://github.com/sebastianbergmann/phpunit-mock-objects.git", 442 | "reference": "ac8e7a3db35738d56ee9a76e78a4e03d97628983" 443 | }, 444 | "dist": { 445 | "type": "zip", 446 | "url": "https://api.github.com/repos/sebastianbergmann/phpunit-mock-objects/zipball/ac8e7a3db35738d56ee9a76e78a4e03d97628983", 447 | "reference": "ac8e7a3db35738d56ee9a76e78a4e03d97628983", 448 | "shasum": "" 449 | }, 450 | "require": { 451 | "doctrine/instantiator": "^1.0.2", 452 | "php": ">=5.3.3", 453 | "phpunit/php-text-template": "~1.2", 454 | "sebastian/exporter": "~1.2" 455 | }, 456 | "require-dev": { 457 | "phpunit/phpunit": "~4.4" 458 | }, 459 | "suggest": { 460 | "ext-soap": "*" 461 | }, 462 | "type": "library", 463 | "extra": { 464 | "branch-alias": { 465 | "dev-master": "2.3.x-dev" 466 | } 467 | }, 468 | "autoload": { 469 | "classmap": [ 470 | "src/" 471 | ] 472 | }, 473 | "notification-url": 
"https://packagist.org/downloads/", 474 | "license": [ 475 | "BSD-3-Clause" 476 | ], 477 | "authors": [ 478 | { 479 | "name": "Sebastian Bergmann", 480 | "email": "sb@sebastian-bergmann.de", 481 | "role": "lead" 482 | } 483 | ], 484 | "description": "Mock Object library for PHPUnit", 485 | "homepage": "https://github.com/sebastianbergmann/phpunit-mock-objects/", 486 | "keywords": [ 487 | "mock", 488 | "xunit" 489 | ], 490 | "time": "2015-10-02T06:51:40+00:00" 491 | }, 492 | { 493 | "name": "sebastian/comparator", 494 | "version": "1.2.4", 495 | "source": { 496 | "type": "git", 497 | "url": "https://github.com/sebastianbergmann/comparator.git", 498 | "reference": "2b7424b55f5047b47ac6e5ccb20b2aea4011d9be" 499 | }, 500 | "dist": { 501 | "type": "zip", 502 | "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/2b7424b55f5047b47ac6e5ccb20b2aea4011d9be", 503 | "reference": "2b7424b55f5047b47ac6e5ccb20b2aea4011d9be", 504 | "shasum": "" 505 | }, 506 | "require": { 507 | "php": ">=5.3.3", 508 | "sebastian/diff": "~1.2", 509 | "sebastian/exporter": "~1.2 || ~2.0" 510 | }, 511 | "require-dev": { 512 | "phpunit/phpunit": "~4.4" 513 | }, 514 | "type": "library", 515 | "extra": { 516 | "branch-alias": { 517 | "dev-master": "1.2.x-dev" 518 | } 519 | }, 520 | "autoload": { 521 | "classmap": [ 522 | "src/" 523 | ] 524 | }, 525 | "notification-url": "https://packagist.org/downloads/", 526 | "license": [ 527 | "BSD-3-Clause" 528 | ], 529 | "authors": [ 530 | { 531 | "name": "Jeff Welch", 532 | "email": "whatthejeff@gmail.com" 533 | }, 534 | { 535 | "name": "Volker Dusch", 536 | "email": "github@wallbash.com" 537 | }, 538 | { 539 | "name": "Bernhard Schussek", 540 | "email": "bschussek@2bepublished.at" 541 | }, 542 | { 543 | "name": "Sebastian Bergmann", 544 | "email": "sebastian@phpunit.de" 545 | } 546 | ], 547 | "description": "Provides the functionality to compare PHP values for equality", 548 | "homepage": "http://www.github.com/sebastianbergmann/comparator", 
549 | "keywords": [ 550 | "comparator", 551 | "compare", 552 | "equality" 553 | ], 554 | "time": "2017-01-29T09:50:25+00:00" 555 | }, 556 | { 557 | "name": "sebastian/diff", 558 | "version": "1.4.3", 559 | "source": { 560 | "type": "git", 561 | "url": "https://github.com/sebastianbergmann/diff.git", 562 | "reference": "7f066a26a962dbe58ddea9f72a4e82874a3975a4" 563 | }, 564 | "dist": { 565 | "type": "zip", 566 | "url": "https://api.github.com/repos/sebastianbergmann/diff/zipball/7f066a26a962dbe58ddea9f72a4e82874a3975a4", 567 | "reference": "7f066a26a962dbe58ddea9f72a4e82874a3975a4", 568 | "shasum": "" 569 | }, 570 | "require": { 571 | "php": "^5.3.3 || ^7.0" 572 | }, 573 | "require-dev": { 574 | "phpunit/phpunit": "^4.8.35 || ^5.7 || ^6.0" 575 | }, 576 | "type": "library", 577 | "extra": { 578 | "branch-alias": { 579 | "dev-master": "1.4-dev" 580 | } 581 | }, 582 | "autoload": { 583 | "classmap": [ 584 | "src/" 585 | ] 586 | }, 587 | "notification-url": "https://packagist.org/downloads/", 588 | "license": [ 589 | "BSD-3-Clause" 590 | ], 591 | "authors": [ 592 | { 593 | "name": "Kore Nordmann", 594 | "email": "mail@kore-nordmann.de" 595 | }, 596 | { 597 | "name": "Sebastian Bergmann", 598 | "email": "sebastian@phpunit.de" 599 | } 600 | ], 601 | "description": "Diff implementation", 602 | "homepage": "https://github.com/sebastianbergmann/diff", 603 | "keywords": [ 604 | "diff" 605 | ], 606 | "time": "2017-05-22T07:24:03+00:00" 607 | }, 608 | { 609 | "name": "sebastian/environment", 610 | "version": "1.3.8", 611 | "source": { 612 | "type": "git", 613 | "url": "https://github.com/sebastianbergmann/environment.git", 614 | "reference": "be2c607e43ce4c89ecd60e75c6a85c126e754aea" 615 | }, 616 | "dist": { 617 | "type": "zip", 618 | "url": "https://api.github.com/repos/sebastianbergmann/environment/zipball/be2c607e43ce4c89ecd60e75c6a85c126e754aea", 619 | "reference": "be2c607e43ce4c89ecd60e75c6a85c126e754aea", 620 | "shasum": "" 621 | }, 622 | "require": { 623 | "php": 
"^5.3.3 || ^7.0" 624 | }, 625 | "require-dev": { 626 | "phpunit/phpunit": "^4.8 || ^5.0" 627 | }, 628 | "type": "library", 629 | "extra": { 630 | "branch-alias": { 631 | "dev-master": "1.3.x-dev" 632 | } 633 | }, 634 | "autoload": { 635 | "classmap": [ 636 | "src/" 637 | ] 638 | }, 639 | "notification-url": "https://packagist.org/downloads/", 640 | "license": [ 641 | "BSD-3-Clause" 642 | ], 643 | "authors": [ 644 | { 645 | "name": "Sebastian Bergmann", 646 | "email": "sebastian@phpunit.de" 647 | } 648 | ], 649 | "description": "Provides functionality to handle HHVM/PHP environments", 650 | "homepage": "http://www.github.com/sebastianbergmann/environment", 651 | "keywords": [ 652 | "Xdebug", 653 | "environment", 654 | "hhvm" 655 | ], 656 | "time": "2016-08-18T05:49:44+00:00" 657 | }, 658 | { 659 | "name": "sebastian/exporter", 660 | "version": "1.2.2", 661 | "source": { 662 | "type": "git", 663 | "url": "https://github.com/sebastianbergmann/exporter.git", 664 | "reference": "42c4c2eec485ee3e159ec9884f95b431287edde4" 665 | }, 666 | "dist": { 667 | "type": "zip", 668 | "url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/42c4c2eec485ee3e159ec9884f95b431287edde4", 669 | "reference": "42c4c2eec485ee3e159ec9884f95b431287edde4", 670 | "shasum": "" 671 | }, 672 | "require": { 673 | "php": ">=5.3.3", 674 | "sebastian/recursion-context": "~1.0" 675 | }, 676 | "require-dev": { 677 | "ext-mbstring": "*", 678 | "phpunit/phpunit": "~4.4" 679 | }, 680 | "type": "library", 681 | "extra": { 682 | "branch-alias": { 683 | "dev-master": "1.3.x-dev" 684 | } 685 | }, 686 | "autoload": { 687 | "classmap": [ 688 | "src/" 689 | ] 690 | }, 691 | "notification-url": "https://packagist.org/downloads/", 692 | "license": [ 693 | "BSD-3-Clause" 694 | ], 695 | "authors": [ 696 | { 697 | "name": "Jeff Welch", 698 | "email": "whatthejeff@gmail.com" 699 | }, 700 | { 701 | "name": "Volker Dusch", 702 | "email": "github@wallbash.com" 703 | }, 704 | { 705 | "name": "Bernhard 
Schussek", 706 | "email": "bschussek@2bepublished.at" 707 | }, 708 | { 709 | "name": "Sebastian Bergmann", 710 | "email": "sebastian@phpunit.de" 711 | }, 712 | { 713 | "name": "Adam Harvey", 714 | "email": "aharvey@php.net" 715 | } 716 | ], 717 | "description": "Provides the functionality to export PHP variables for visualization", 718 | "homepage": "http://www.github.com/sebastianbergmann/exporter", 719 | "keywords": [ 720 | "export", 721 | "exporter" 722 | ], 723 | "time": "2016-06-17T09:04:28+00:00" 724 | }, 725 | { 726 | "name": "sebastian/recursion-context", 727 | "version": "1.0.5", 728 | "source": { 729 | "type": "git", 730 | "url": "https://github.com/sebastianbergmann/recursion-context.git", 731 | "reference": "b19cc3298482a335a95f3016d2f8a6950f0fbcd7" 732 | }, 733 | "dist": { 734 | "type": "zip", 735 | "url": "https://api.github.com/repos/sebastianbergmann/recursion-context/zipball/b19cc3298482a335a95f3016d2f8a6950f0fbcd7", 736 | "reference": "b19cc3298482a335a95f3016d2f8a6950f0fbcd7", 737 | "shasum": "" 738 | }, 739 | "require": { 740 | "php": ">=5.3.3" 741 | }, 742 | "require-dev": { 743 | "phpunit/phpunit": "~4.4" 744 | }, 745 | "type": "library", 746 | "extra": { 747 | "branch-alias": { 748 | "dev-master": "1.0.x-dev" 749 | } 750 | }, 751 | "autoload": { 752 | "classmap": [ 753 | "src/" 754 | ] 755 | }, 756 | "notification-url": "https://packagist.org/downloads/", 757 | "license": [ 758 | "BSD-3-Clause" 759 | ], 760 | "authors": [ 761 | { 762 | "name": "Jeff Welch", 763 | "email": "whatthejeff@gmail.com" 764 | }, 765 | { 766 | "name": "Sebastian Bergmann", 767 | "email": "sebastian@phpunit.de" 768 | }, 769 | { 770 | "name": "Adam Harvey", 771 | "email": "aharvey@php.net" 772 | } 773 | ], 774 | "description": "Provides functionality to recursively process PHP variables", 775 | "homepage": "http://www.github.com/sebastianbergmann/recursion-context", 776 | "time": "2016-10-03T07:41:43+00:00" 777 | }, 778 | { 779 | "name": "sebastian/version", 780 | 
"version": "1.0.6", 781 | "source": { 782 | "type": "git", 783 | "url": "https://github.com/sebastianbergmann/version.git", 784 | "reference": "58b3a85e7999757d6ad81c787a1fbf5ff6c628c6" 785 | }, 786 | "dist": { 787 | "type": "zip", 788 | "url": "https://api.github.com/repos/sebastianbergmann/version/zipball/58b3a85e7999757d6ad81c787a1fbf5ff6c628c6", 789 | "reference": "58b3a85e7999757d6ad81c787a1fbf5ff6c628c6", 790 | "shasum": "" 791 | }, 792 | "type": "library", 793 | "autoload": { 794 | "classmap": [ 795 | "src/" 796 | ] 797 | }, 798 | "notification-url": "https://packagist.org/downloads/", 799 | "license": [ 800 | "BSD-3-Clause" 801 | ], 802 | "authors": [ 803 | { 804 | "name": "Sebastian Bergmann", 805 | "email": "sebastian@phpunit.de", 806 | "role": "lead" 807 | } 808 | ], 809 | "description": "Library that helps with managing the version number of Git-hosted PHP projects", 810 | "homepage": "https://github.com/sebastianbergmann/version", 811 | "time": "2015-06-21T13:59:46+00:00" 812 | }, 813 | { 814 | "name": "symfony/yaml", 815 | "version": "v2.8.27", 816 | "source": { 817 | "type": "git", 818 | "url": "https://github.com/symfony/yaml.git", 819 | "reference": "4c29dec8d489c4e37cf87ccd7166cd0b0e6a45c5" 820 | }, 821 | "dist": { 822 | "type": "zip", 823 | "url": "https://api.github.com/repos/symfony/yaml/zipball/4c29dec8d489c4e37cf87ccd7166cd0b0e6a45c5", 824 | "reference": "4c29dec8d489c4e37cf87ccd7166cd0b0e6a45c5", 825 | "shasum": "" 826 | }, 827 | "require": { 828 | "php": ">=5.3.9" 829 | }, 830 | "type": "library", 831 | "extra": { 832 | "branch-alias": { 833 | "dev-master": "2.8-dev" 834 | } 835 | }, 836 | "autoload": { 837 | "psr-4": { 838 | "Symfony\\Component\\Yaml\\": "" 839 | }, 840 | "exclude-from-classmap": [ 841 | "/Tests/" 842 | ] 843 | }, 844 | "notification-url": "https://packagist.org/downloads/", 845 | "license": [ 846 | "MIT" 847 | ], 848 | "authors": [ 849 | { 850 | "name": "Fabien Potencier", 851 | "email": "fabien@symfony.com" 852 | }, 853 
| { 854 | "name": "Symfony Community", 855 | "homepage": "https://symfony.com/contributors" 856 | } 857 | ], 858 | "description": "Symfony Yaml Component", 859 | "homepage": "https://symfony.com", 860 | "time": "2017-06-01T20:52:29+00:00" 861 | } 862 | ], 863 | "aliases": [], 864 | "minimum-stability": "stable", 865 | "stability-flags": [], 866 | "prefer-stable": false, 867 | "prefer-lowest": false, 868 | "platform": { 869 | "php": ">=5.5.0" 870 | }, 871 | "platform-dev": [] 872 | } 873 | -------------------------------------------------------------------------------- /phpunit.xml.dist: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | vendor/squizlabs/php_codesniffer/tests/AllTests.php 6 | 7 | 8 | 9 | --------------------------------------------------------------------------------