PHP debug statements found
- Security
- Critical
More information: https://insight.symfony.com/what-we-analyse/php.debug_statements
- }
- // use var_dump to get the property names
- // get_object_vars() doesn't work
- $iniWas = \ini_set('xdebug.overload_var_dump', false);
- \ob_start();
- \var_dump($obj);
- $dump = \ob_get_clean();
- \ini_set('xdebug.overload_var_dump', $iniWas);
- \preg_match_all('/^\s+\["(.*?)"\]=>\n/sm', $dump, $matches);
- $props = \array_fill_keys($matches[1], null);
PHP configuration should not be changed dynamically (5 occurrences)
- Bugrisk
- Major
More information: https://insight.symfony.com/what-we-analyse/php.dynamically_change_configuration
- if (!$this->isDomObj($obj)) {
- return;
- }
- // use var_dump to get the property names
- // get_object_vars() doesn't work
- $iniWas = \ini_set('xdebug.overload_var_dump', false);
- \ob_start();
- \var_dump($obj);
- $dump = \ob_get_clean();
- \ini_set('xdebug.overload_var_dump', $iniWas);
- \preg_match_all('/^\s+\["(.*?)"\]=>\n/sm', $dump, $matches);
- // get_object_vars() doesn't work
- $iniWas = \ini_set('xdebug.overload_var_dump', false);
- \ob_start();
- \var_dump($obj);
- $dump = \ob_get_clean();
- \ini_set('xdebug.overload_var_dump', $iniWas);
- \preg_match_all('/^\s+\["(.*?)"\]=>\n/sm', $dump, $matches);
- $props = \array_fill_keys($matches[1], null);
- if ($obj instanceof \DOMNode) {
- $props = \array_merge($props, array(
- /*
- Disable OPcache
- a) want to make sure we modify required files
- b) don't want to cache modified files
- */
- \ini_set('opcache.enable', 0);
- }
- /**
- * Restore previous wrapper
- *
/**
 * Install this object as PHP's error handler and exception handler.
 *
 * Does nothing when the handler is already registered.  The display_errors
 * setting and both handlers that were in place beforehand are kept on the
 * instance.  display_errors is switched off, so PHP itself does not print
 * error messages into the output.
 *
 * @return void
 */
public function register()
{
    if (!$this->registered) {
        // ini_set() hands back the old value, or false when the change was refused.
        // NOTE(review): a false stored here would later be written back as the
        // "previous" display_errors value - confirm the restore path copes with that.
        $this->prevDisplayErrors = \ini_set('display_errors', 0);
        $errorCallback = array($this, 'handleError');
        $this->prevErrorHandler = \set_error_handler($errorCallback);
        $exceptionCallback = array($this, 'handleException');
        $this->prevExceptionHandler = \set_exception_handler($exceptionCallback);
        $this->registered = true;   // used by this->onShutdown()
    }
    return;
}
- \restore_exception_handler();
- if ($exHandlerCur == array($this, 'handleException')) {
- // we are the current exception handler
- \restore_exception_handler();
- }
- \ini_set('display_errors', $this->prevDisplayErrors);
- $this->prevErrorHandler = null;
- $this->prevExceptionHandler = null;
- $this->registered = false; // used by $this->onShutdown()
- return;
- }
Error silenced by the at sign (@) (4 occurrences)
- Bugrisk
- Minor
More information: https://insight.symfony.com/what-we-analyse/php.silenced_error
- self::restorePrev();
- if (!\file_exists($path)) {
- $info = false;
- } elseif ($flags & STREAM_URL_STAT_LINK) {
- $info = $flags & STREAM_URL_STAT_QUIET
- ? @\lstat($path)
- : \lstat($path);
- } else {
- $info = $flags & STREAM_URL_STAT_QUIET
- ? @\stat($path)
- : \stat($path);
- $info = $flags & STREAM_URL_STAT_QUIET
- ? @\lstat($path)
- : \lstat($path);
- } else {
- $info = $flags & STREAM_URL_STAT_QUIET
- ? @\stat($path)
- : \stat($path);
- }
- self::register();
- return $info;
- }
- private function getParamDefaultVal(ReflectionParameter $reflectionParameter)
- {
- $defaultValue = Abstracter::UNDEFINED;
- if ($reflectionParameter->isDefaultValueAvailable()) {
- // suppressing following to avoid "Use of undefined constant STDERR" type notice
- $defaultValue = @$reflectionParameter->getDefaultValue();
- if (\version_compare(PHP_VERSION, '5.4.6', '>=') && $reflectionParameter->isDefaultValueConstant()) {
- /*
- getDefaultValueConstantName() :
- php may return something like self::CONSTANT_NAME
- hhvm will return WhateverTheClassNameIs::CONSTANT_NAME
- if ($type instanceof \ReflectionNamedType) {
- $type = $type->getName();
- } elseif ($type) {
- $type = (string) $type;
- }
- } elseif (\preg_match('/\[\s<\w+>\s([\w\\\\]+)/s', @$reflectionParameter->__toString(), $matches)) {
- // suppressed error to avoid "Use of undefined constant STDERR" type notice
- // Parameter #0 [ <required> namespace\Type $varName ]
- $type = $matches[1];
- }
- if (!$type && isset($phpDoc['type'])) {
Object parameters should be type hinted
- Bugrisk
- Minor
More information: https://insight.symfony.com/what-we-analyse/php.object_parameter_not_type_hinted
- *
- * @param Exception|Throwable $exception exception to handle
- *
- * @return void
- */
- public function handleException($exception)
- {
- // lets store the exception so we can use the backtrace it provides
- // error constructor will pull this
- $this->data['uncaughtException'] = $exception;
- \http_response_code(500);
PHP code should follow PSR-1 basic coding standard (22 occurrences)
- Codestyle
- Info
More information: https://insight.symfony.com/what-we-analyse/php.psr1
- *
- * @return boolean
- *
- * @see http://php.net/manual/en/streamwrapper.dir-closedir.php
- */
- public function dir_closedir()
- {
- if (!$this->handle) {
- return false;
- }
- self::restorePrev();
- *
- * @return boolean
- *
- * @see http://php.net/manual/en/streamwrapper.dir-opendir.php
- */
- public function dir_opendir($path, $options = 0)
- {
- if ($this->handle) {
- return false;
- }
- // "use" our function params so things don't complain
- *
- * @return string|boolean
- *
- * @see http://php.net/manual/en/streamwrapper.dir-readdir.php
- */
- public function dir_readdir()
- {
- if (!$this->handle) {
- return false;
- }
- self::restorePrev();
- *
- * @return boolean
- *
- * @see http://php.net/manual/en/streamwrapper.dir-rewinddir.php
- */
- public function dir_rewinddir()
- {
- if (!$this->handle) {
- return false;
- }
- self::restorePrev();
- *
- * @return resource|boolean
- *
- * @see http://php.net/manual/en/streamwrapper.stream-cast.php
- */
- public function stream_cast($castAs)
- {
- if ($this->handle && $castAs & STREAM_CAST_AS_STREAM) {
- return $this->handle;
- }
- return false;
- *
- * @see http://php.net/manual/en/streamwrapper.stream-close.php
- *
- * @return void
- */
- public function stream_close()
- {
- if (!$this->handle) {
- return;
- }
- self::restorePrev();
- *
- * @return boolean
- *
- * @see http://php.net/manual/en/streamwrapper.stream-eof.php
- */
- public function stream_eof()
- {
- if (!$this->handle) {
- return false;
- }
- self::restorePrev();
- *
- * @return boolean
- *
- * @see http://php.net/manual/en/streamwrapper.stream-flush.php
- */
- public function stream_flush()
- {
- if (!$this->handle) {
- return false;
- }
- self::restorePrev();
- *
- * @return boolean
- *
- * @see http://php.net/manual/en/streamwrapper.stream-lock.php
- */
- public function stream_lock($operation)
- {
- if (!$this->handle) {
- return false;
- }
- self::restorePrev();
- *
- * @return boolean
- *
- * @see http://php.net/manual/en/streamwrapper.stream-metadata.php
- */
- public function stream_metadata($path, $option, $value)
- {
- self::restorePrev();
- switch ($option) {
- case STREAM_META_TOUCH:
- if (!empty($value)) {
- * @return boolean
- *
- * @see http://php.net/manual/en/streamwrapper.stream-open.php
- * @throws \UnexpectedValueException
- */
- public function stream_open($path, $mode, $options, &$openedPath)
- {
- if ($this->handle) {
- return false;
- }
- $useIncludePath = (bool) $options & STREAM_USE_PATH;
- *
- * @return string
- *
- * @see http://php.net/manual/en/streamwrapper.stream-read.php
- */
- public function stream_read($count)
- {
- if (!$this->handle) {
- return false;
- }
- self::restorePrev();
- *
- * @return boolean
- *
- * @see http://php.net/manual/en/streamwrapper.stream-seek.php
- */
- public function stream_seek($offset, $whence = SEEK_SET)
- {
- if (!$this->handle) {
- return false;
- }
- self::restorePrev();
- *
- * @return array
- *
- * @see http://php.net/manual/en/streamwrapper.stream-stat.php
- */
- public function stream_stat()
- {
- if (!$this->handle) {
- return false;
- }
- self::restorePrev();
- *
- * @return integer
- *
- * @see http://php.net/manual/en/streamwrapper.stream-tell.php
- */
- public function stream_tell()
- {
- if (!$this->handle) {
- return false;
- }
- self::restorePrev();
- *
- * @return boolean
- *
- * @see http://php.net/manual/en/streamwrapper.stream-truncate.php
- */
- public function stream_truncate($size)
- {
- if (!$this->handle) {
- return false;
- }
- self::restorePrev();
- *
- * @return integer
- *
- * @see http://php.net/manual/en/streamwrapper.stream-write.php
- */
- public function stream_write($data)
- {
- if (!$this->handle) {
- return false;
- }
- self::restorePrev();
- *
- * @return array
- *
- * @see http://php.net/manual/en/streamwrapper.url-stat.php
- */
- public function url_stat($path, $flags)
- {
- self::restorePrev();
- if (!\file_exists($path)) {
- $info = false;
- } elseif ($flags & STREAM_URL_STAT_LINK) {
/**
 * {@inheritDoc}
 *
 * Before delegating to the parent, the bound values are kept in
 * $this->params and the type string, split into single characters,
 * in $this->types.
 *
 * NOTE(review): the retained values are whatever the caller binds, which
 * may include credentials or personal data - confirm how they are displayed
 * or logged downstream.
 *
 * Requires php >= 5.6 (variadic syntax)
 */
public function bind_param($types, &...$vals)
{
    $typeChars = \str_split($types);
    $this->types = $typeChars;
    $this->params = $vals;
    return parent::bind_param($types, ...$vals);
}
- }
/**
 * {@inheritDoc}
 *
 * The call is routed through profileCall(), which receives the method
 * name, the query text and the complete argument list.
 */
public function multi_query($query)
{
    $callArgs = \func_get_args();
    return $this->profileCall('multi_query', $query, $callArgs);
}
- /**
- }
/**
 * {@inheritDoc}
 *
 * The call is routed through profileCall(), which receives the method
 * name, the query text and the complete argument list.
 */
public function real_query($query)
{
    $callArgs = \func_get_args();
    return $this->profileCall('real_query', $query, $callArgs);
}
- /**
- }
/**
 * {@inheritDoc}
 *
 * Returns a MySqliStmt constructed from this connection, a null second
 * argument and this object's debug property.
 */
public function stmt_init()
{
    $statement = new MySqliStmt($this, null, $this->debug);
    return $statement;
}
- }
bkdotcom