gsherwood committed Dec 20, 2019
2 parents 90b719d + 6a09f8c commit 34ebced
Showing 5 changed files with 132 additions and 0 deletions.
4 changes: 4 additions & 0 deletions package.xml
@@ -249,6 +249,7 @@ http://pear.php.net/dtd/package-2.0.xsd">
<file baseinstalldir="PHP/CodeSniffer" name="ClosingPHPTagStandard.xml" role="php" />
<file baseinstalldir="PHP/CodeSniffer" name="DeprecatedFunctionsStandard.xml" role="php" />
<file baseinstalldir="PHP/CodeSniffer" name="DisallowAlternativePHPTagsStandard.xml" role="php" />
<file baseinstalldir="PHP/CodeSniffer" name="DisallowRequestSuperGlobalStandard.xml" role="php" />
<file baseinstalldir="PHP/CodeSniffer" name="DisallowShortOpenTagStandard.xml" role="php" />
<file baseinstalldir="PHP/CodeSniffer" name="DiscourageGotoStandard.xml" role="php" />
<file baseinstalldir="PHP/CodeSniffer" name="ForbiddenFunctionsStandard.xml" role="php" />
@@ -352,6 +353,7 @@ http://pear.php.net/dtd/package-2.0.xsd">
<file baseinstalldir="PHP/CodeSniffer" name="CharacterBeforePHPOpeningTagSniff.php" role="php" />
<file baseinstalldir="PHP/CodeSniffer" name="ClosingPHPTagSniff.php" role="php" />
<file baseinstalldir="PHP/CodeSniffer" name="DeprecatedFunctionsSniff.php" role="php" />
<file baseinstalldir="PHP/CodeSniffer" name="DisallowRequestSuperGlobalSniff.php" role="php" />
<file baseinstalldir="PHP/CodeSniffer" name="DisallowShortOpenTagSniff.php" role="php" />
<file baseinstalldir="PHP/CodeSniffer" name="DisallowAlternativePHPTagsSniff.php" role="php" />
<file baseinstalldir="PHP/CodeSniffer" name="DiscourageGotoSniff.php" role="php" />
@@ -611,6 +613,8 @@ http://pear.php.net/dtd/package-2.0.xsd">
<file baseinstalldir="PHP/CodeSniffer" name="DisallowAlternativePHPTagsUnitTest.2.inc.fixed" role="test" />
<file baseinstalldir="PHP/CodeSniffer" name="DisallowAlternativePHPTagsUnitTest.3.inc" role="test" />
<file baseinstalldir="PHP/CodeSniffer" name="DisallowAlternativePHPTagsUnitTest.php" role="test" />
<file baseinstalldir="PHP/CodeSniffer" name="DisallowRequestSuperGlobalUnitTest.inc" role="test" />
<file baseinstalldir="PHP/CodeSniffer" name="DisallowRequestSuperGlobalUnitTest.php" role="test" />
<file baseinstalldir="PHP/CodeSniffer" name="DisallowShortOpenTagUnitTest.1.inc" role="test" />
<file baseinstalldir="PHP/CodeSniffer" name="DisallowShortOpenTagUnitTest.1.inc.fixed" role="test" />
<file baseinstalldir="PHP/CodeSniffer" name="DisallowShortOpenTagUnitTest.2.inc" role="test" />
@@ -0,0 +1,7 @@
<documentation title="$_REQUEST Super Global">
<standard>
<![CDATA[
$_REQUEST should never be used due to the ambiguity created to identify where the data is coming from. Use $_POST, $_GET or $_COOKIE instead
]]>
</standard>
</documentation>
@@ -0,0 +1,54 @@
<?php
/**
* Ensures the $_REQUEST super global is not used
*
* @author Jeantwan Teuma <[email protected]>
* @copyright 2006-2019 Squiz Pty Ltd (ABN 77 084 670 600)
* @license https://github.com/squizlabs/PHP_CodeSniffer/blob/master/licence.txt BSD Licence
*/

namespace PHP_CodeSniffer\Standards\Generic\Sniffs\PHP;

use PHP_CodeSniffer\Files\File;
use PHP_CodeSniffer\Sniffs\Sniff;

class DisallowRequestSuperGlobalSniff implements Sniff
{


/**
* Returns an array of tokens this test wants to listen for.
*
* @return array
*/
public function register()
{
return [T_VARIABLE];

}//end register()


/**
* Processes this sniff, when one of its tokens is encountered.
*
* @param File $phpcsFile The file being scanned.
* @param int $stackPtr The position of the current token in the stack passed in $tokens.
*
* @return void
*/
public function process(File $phpcsFile, $stackPtr)
{
$tokens = $phpcsFile->getTokens();

$varName = $tokens[$stackPtr]['content'];
if ($varName !== '$_REQUEST') {
return;
}

$error = 'The $_REQUEST super global should not be used. Use $_GET, $_POST or $_COOKIE instead';
$phpcsFile->addError($error, $stackPtr, 'Found');

}//end process()


}//end class
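Review bot: `process()` only inspects `T_VARIABLE` tokens, so a `$_REQUEST` read that is interpolated into a double-quoted string or heredoc (e.g. `"{$_REQUEST['action']}"`) will most likely pass unreported, because PHP_CodeSniffer keeps interpolated variables inside the `T_DOUBLE_QUOTED_STRING` / `T_HEREDOC` token content. For a rule meant to stop ambiguous GET/POST/COOKIE input from reaching code, that gap should be closed by also registering those two tokens and matching the name inside their content. The pattern below is a sketch: it skips a `$` preceded by a backslash and would need more care for an escaped backslash directly before the variable. The test fixture only covers the single-quoted `'$_REQUEST'` negative case, so an interpolated positive case and an escaped `"\$_REQUEST"` negative case should be added alongside.

```php
public function register()
{
    return [
        T_VARIABLE,
        T_DOUBLE_QUOTED_STRING,
        T_HEREDOC,
    ];

}//end register()

public function process(File $phpcsFile, $stackPtr)
{
    $tokens  = $phpcsFile->getTokens();
    $content = $tokens[$stackPtr]['content'];

    if ($tokens[$stackPtr]['code'] === T_VARIABLE) {
        if ($content !== '$_REQUEST') {
            return;
        }
    } else if (preg_match('/(?<!\\\\)\$\{?_REQUEST\b/', $content) !== 1) {
        // Interpolated strings: only report an unescaped $_REQUEST or ${_REQUEST.
        return;
    }

    // … unchanged: $error message and addError() call …
```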
@@ -0,0 +1,16 @@
<?php
echo $_REQUEST['action'];

echo '$_REQUEST';

echo $_POST['action'];

echo $_GET[$action];

echo $_COOKIE['action'];

$sample = Util::getArrayIndex($_REQUEST, 'sample', '');
$syntax = Util::getArrayIndex($_REQUEST, 'syntax', '');
$value = Util::getArrayIndex($_FILES, $key, $default);

?>
@@ -0,0 +1,51 @@
<?php
/**
* Unit test class for the DisallowRequestSuperGlobal sniff.
*
* @author Jeantwan Teuma <[email protected]>
* @copyright 2006-2019 Squiz Pty Ltd (ABN 77 084 670 600)
* @license https://github.com/squizlabs/PHP_CodeSniffer/blob/master/licence.txt BSD Licence
*/
namespace PHP_CodeSniffer\Standards\Generic\Tests\PHP;

use PHP_CodeSniffer\Tests\Standards\AbstractSniffUnitTest;

class DisallowRequestSuperGlobalUnitTest extends AbstractSniffUnitTest
{


/**
* Returns the lines where errors should occur.
*
* The key of the array should represent the line number and the value
* should represent the number of errors that should occur on that line.
*
* @return array<int, int>
*/
protected function getErrorList()
{
return [
2 => 1,
12 => 1,
13 => 1,
];

}//end getErrorList()


/**
* Returns the lines where warnings should occur.
*
* The key of the array should represent the line number and the value
* should represent the number of warnings that should occur on that line.
*
* @return array<int, int>
*/
protected function getWarningList()
{
return [];

}//end getWarningList()


}//end class
