Database queries should use parameter binding

More information: https://insight.symfony.com/what-we-analyse/doctrine.database_query_contains_string_and_variable_concatenation

  1. if (null === $date) {
  2. $date = new \DateTime();
  3. }
  4. $queryData = [
  5. 'q' => 'select * from yahoo.finance.historicaldata where symbol in ("' . implode('","', $currencyCodes) . '") and startDate = "' . $date->format('Y-m-d') . '" and endDate = "' . $date->format('Y-m-d') . '"',

    If provided by the user, the value of implode('","', $currencyCodes) may allow an SQL injection attack. Avoid concatenating parameters to SQL query strings, and use parameter binding instead.

    Time to fix: about 1 hour
    Last edited by Alexander Dorozhkin
  6. 'env' => 'store://datatables.org/alltableswithkeys',
  7. ];
  8. $query = self::BASE_URL . '?' . http_build_query($queryData);
  9. $ratesXml = $this->xmlLoader->load($query);

User specific files should not appear in .gitignore

More information: https://insight.symfony.com/what-we-analyse/git.user_specific_ignored_file

in .gitignore, line 4
  1. composer.phar
  2. vendor/
  3. composer.lock
  4. /.idea/

    /.idea/ is user-specific and should not appear in a project .gitignore. Consider adding it to the user global .gitignore instead.

    Time to fix: about 15 minutes
    Last edited by Andrey Red
  5. /build/

Interfaces names should end with "Interface" 5

More information: https://insight.symfony.com/what-we-analyse/php.interface_has_no_interface_suffix

  1. namespace RedCode\Currency;
  2. /**
  3. * @author maZahaca
  4. */
  5. interface ICurrencyManager

    Interface ICurrencyManager should be named ICurrencyManagerInterface for better clarity.

    Time to fix: about 1 hour
    Last edited by Andrey Red
  6. {
  7. /**
  8. * Get currency by 3 symbol code
  9. * @param string $code
  10. * @return ICurrency
  1. namespace RedCode\Currency;
  2. /**
  3. * @author maZahaca
  4. */
  5. interface ICurrency

    Interface ICurrency should be named ICurrencyInterface for better clarity.

    Time to fix: about 1 hour
    Last edited by Andrey Red
  6. {
  7. /**
  8. * Get 3 symbols currency code
  9. * @return string
  10. */
  1. use RedCode\Currency\Rate\Provider\ICurrencyRateProvider;
  2. /**
  3. * @author maZahaca
  4. */
  5. interface ICurrencyRateManager

    Interface ICurrencyRateManager should be named ICurrencyRateManagerInterface for better clarity.

    Time to fix: about 1 hour
    Last edited by Andrey Red
  6. {
  7. /**
  8. * Create new rate with params
  9. *
  10. * @param \RedCode\Currency\ICurrency $currency
  1. use RedCode\Currency\ICurrency;
  2. /**
  3. * @author maZahaca
  4. */
  5. interface ICurrencyRate

    Interface ICurrencyRate should be named ICurrencyRateInterface for better clarity.

    Time to fix: about 1 hour
    Last edited by Andrey Red
  6. {
  7. /**
  8. * Return rate date
  9. * @return \DateTime
  10. */
  1. use RedCode\Currency\Rate\ICurrencyRate;
  2. /**
  3. * @author maZahaca
  4. */
  5. interface ICurrencyRateProvider

    Interface ICurrencyRateProvider should be named ICurrencyRateProviderInterface for better clarity.

    Time to fix: about 1 hour
    Last edited by Andrey Red
  6. {
  7. /**
  8. * Load rates by date
  9. * @param ICurrency[] $currencies
  10. * @param \DateTime|null $date