ProcessUtils::escapeArgument() - Code Metrics - Inspection of "Fixes #648: Allow Symfony 4 components in composer..." - consolidation/robo - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#651)

by Greg

created 2017-12-13 01:36 UTC

ProcessUtils::escapeArgument() C

↳ Parent: ProcessUtils

Complexity

Conditions	8
Paths	12

Size

Total Lines	39
Code Lines	21

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	39
rs	5.3846
c	0
b	0
f	0
cc	8
eloc	21
nc	12
nop	1

<?php

/*
 * This file is derived from part of the Symfony package, which is
 * (c) Fabien Potencier <[email protected]>
 */

namespace Robo\Common;

use Symfony\Component\Process\Exception\InvalidArgumentException;

/**
 * ProcessUtils is a bunch of utility methods. We want to allow Robo 1.x
 * to work with Symfony 4.x while remaining backwards compatibility. This
 * requires us to replace some deprecated functionality removed in Symfony.
 */
class ProcessUtils
{
    /**
     * This class should not be instantiated.
     */
    private function __construct()
    {
    }

    /**
     * Escapes a string to be used as a shell argument.
     *
     * @param string $argument The argument that will be escaped
     *
     * @return string The escaped argument
     *
     * @deprecated since version 3.3, to be removed in 4.0. Use a command line array or give env vars to the `Process::start/run()` method instead.
     */
    public static function escapeArgument($argument)
    {
        @trigger_error('The '.__METHOD__.'() method is a copy of a method that was deprecated by Symfony 3.3 and removed in Symfony 4; it will be removed in Robo 2.0.', E_USER_DEPRECATED);
// For example instead of
@mkdir($dir);

// Better use
if (@mkdir($dir) === false) {
    throw new \RuntimeException('The directory '.$dir.' could not be created.');
}

        //Fix for PHP bug #43784 escapeshellarg removes % from given string
        //Fix for PHP bug #49446 escapeshellarg doesn't work on Windows
        //@see https://bugs.php.net/bug.php?id=43784
        //@see https://bugs.php.net/bug.php?id=49446
        if ('\\' === DIRECTORY_SEPARATOR) {
            if ('' === $argument) {
                return escapeshellarg($argument);
            }

            $escapedArgument = '';
            $quote = false;
            foreach (preg_split('/(")/', $argument, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE) as $part) {
                if ('"' === $part) {
                    $escapedArgument .= '\\"';
                } elseif (self::isSurroundedBy($part, '%')) {

                    // Avoid environment variable expansion
                    $escapedArgument .= '^%"'.substr($part, 1, -1).'"^%';
                } else {
                    // escape trailing backslash
                    if ('\\' === substr($part, -1)) {
                        $part .= '\\';
                    }
                    $quote = true;
                    $escapedArgument .= $part;
                }
            }
            if ($quote) {
                $escapedArgument = '"'.$escapedArgument.'"';
            }

            return $escapedArgument;
        }

        return "'".str_replace("'", "'\\''", $argument)."'";
    }
}


1			<?php
2
3			/*
4			* This file is derived from part of the Symfony package, which is
5			* (c) Fabien Potencier <[email protected]>
6			*/
7
8			namespace Robo\Common;
9
10			use Symfony\Component\Process\Exception\InvalidArgumentException;
11
12			/**
13			* ProcessUtils is a bunch of utility methods. We want to allow Robo 1.x
14			* to work with Symfony 4.x while remaining backwards compatibility. This
15			* requires us to replace some deprecated functionality removed in Symfony.
16			*/
17			class ProcessUtils
18			{
19			/**
20			* This class should not be instantiated.
21			*/
22			private function __construct()
23			{
24			}
25
26			/**
27			* Escapes a string to be used as a shell argument.
28			*
29			* @param string $argument The argument that will be escaped
30			*
31			* @return string The escaped argument
32			*
33			* @deprecated since version 3.3, to be removed in 4.0. Use a command line array or give env vars to the `Process::start/run()` method instead.
34			*/
35			public static function escapeArgument($argument)
36			{
37			@trigger_error('The '.__METHOD__.'() method is a copy of a method that was deprecated by Symfony 3.3 and removed in Symfony 4; it will be removed in Robo 2.0.', E_USER_DEPRECATED);
			0 ignored issues – show Security Best Practice introduced 2017-12-11 21:57 UTC by Report Bug Copy Issue Report It seems like you do not handle an error condition here. This can introduce security issues, and is generally not recommended. If you suppress an error, we recommend checking for the error condition explicitly: // For example instead of @mkdir($dir); // Better use if (@mkdir($dir) === false) { throw new \RuntimeException('The directory '.$dir.' could not be created.'); } Loading history...
38
39			//Fix for PHP bug #43784 escapeshellarg removes % from given string
40			//Fix for PHP bug #49446 escapeshellarg doesn't work on Windows
41			//@see https://bugs.php.net/bug.php?id=43784
42			//@see https://bugs.php.net/bug.php?id=49446
43			if ('\\' === DIRECTORY_SEPARATOR) {
44			if ('' === $argument) {
45			return escapeshellarg($argument);
46			}
47
48			$escapedArgument = '';
49			$quote = false;
50			foreach (preg_split('/(")/', $argument, -1, PREG_SPLIT_NO_EMPTY \| PREG_SPLIT_DELIM_CAPTURE) as $part) {
51			if ('"' === $part) {
52			$escapedArgument .= '\\"';
53			} elseif (self::isSurroundedBy($part, '%')) {
			0 ignored issues – show Bug introduced 2017-12-11 21:57 UTC by Report Bug Copy Issue Report The method `isSurroundedBy()` does not seem to exist on `object<Robo\Common\ProcessUtils>`. This check looks for calls to methods that do not seem to exist on a given type. It looks for the method on the type itself as well as in inherited classes or implemented interfaces. This is most likely a typographical error or the method has been renamed. Loading history...
54			// Avoid environment variable expansion
55			$escapedArgument .= '^%"'.substr($part, 1, -1).'"^%';
56			} else {
57			// escape trailing backslash
58			if ('\\' === substr($part, -1)) {
59			$part .= '\\';
60			}
61			$quote = true;
62			$escapedArgument .= $part;
63			}
64			}
65			if ($quote) {
66			$escapedArgument = '"'.$escapedArgument.'"';
67			}
68
69			return $escapedArgument;
70			}
71
72			return "'".str_replace("'", "'\\''", $argument)."'";
73			}
74			}
75

consolidation / robo

Pull Request — master (#651)

ProcessUtils::escapeArgument() C

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like