This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | /** |
||
3 | * Argument parser |
||
4 | * |
||
5 | * @author Matthias Gisder <[email protected]> |
||
6 | * @copyright 2014 inGenerator Ltd |
||
7 | * @licence BSD |
||
8 | */ |
||
9 | |||
10 | |||
11 | namespace Ingenerator\RunSingle; |
||
12 | |||
13 | |||
14 | class ArgumentParser |
||
15 | { |
||
16 | protected $sep_counter; |
||
17 | |||
18 | protected $arg_defaults = array( |
||
19 | 'task_name' => '', |
||
20 | 'timeout' => '', |
||
21 | 'automatic_garbage_collect' => TRUE, |
||
22 | 'command' => '', |
||
23 | ); |
||
24 | |||
25 | /** |
||
26 | * @param array $argv |
||
27 | * |
||
28 | * @return array |
||
0 ignored issues
–
show
|
|||
29 | * @throws \InvalidArgumentException |
||
30 | */ |
||
31 | public function parse(array $argv) |
||
32 | { |
||
33 | $this->sep_counter = $this->find_sep_counter($argv); |
||
34 | $arg_parts = \array_merge($this->arg_defaults, $this->find_arg_parts($argv)); |
||
35 | $this->command_parts = $this->escaped_command_parts($argv); |
||
0 ignored issues
–
show
The property
command_parts does not exist. Did you maybe forget to declare it?
In PHP it is possible to write to properties without declaring them. For example, the following is perfectly valid PHP code: class MyClass { }
$x = new MyClass();
$x->foo = true;
Generally, it is a good practice to explictly declare properties to avoid accidental typos and provide IDE auto-completion: class MyClass {
public $foo;
}
$x = new MyClass();
$x->foo = true;
Loading history...
|
|||
36 | |||
37 | $args['timeout'] = $this->timeout($arg_parts); |
||
0 ignored issues
–
show
Coding Style
Comprehensibility
introduced
by
$args was never initialized. Although not strictly required by PHP, it is generally a good practice to add $args = array(); before regardless.
Adding an explicit array definition is generally preferable to implicit array definition as it guarantees a stable state of the code. Let’s take a look at an example: foreach ($collection as $item) {
$myArray['foo'] = $item->getFoo();
if ($item->hasBar()) {
$myArray['bar'] = $item->getBar();
}
// do something with $myArray
}
As you can see in this example, the array This might or might not be intended. To make your intention clear, your code more readible and to avoid accidental bugs, we recommend to add an explicit initialization $myArray = array() either outside or inside the foreach loop.
Loading history...
|
|||
38 | $args['task_name'] = $this->task_name($arg_parts); |
||
39 | $args['automatic_garbage_collect'] = $this->automatic_garbage_collect($arg_parts); |
||
40 | $args['command'] = $this->command($argv); |
||
41 | |||
42 | return ($args); |
||
43 | } |
||
44 | |||
45 | /** |
||
46 | * @param array $args |
||
47 | * |
||
48 | * @return int |
||
0 ignored issues
–
show
|
|||
49 | * @throws \InvalidArgumentException |
||
50 | */ |
||
51 | protected function timeout($args) |
||
52 | { |
||
53 | if (! \is_numeric($args['timeout']) || $args['timeout'] <= 0) { |
||
54 | throw new \InvalidArgumentException('invalid or missing timeout value (set with "--timeout=".'); |
||
55 | } |
||
56 | |||
57 | return $args['timeout']; |
||
58 | } |
||
59 | |||
60 | /** |
||
61 | * @param array $args |
||
62 | * |
||
63 | * @return string |
||
64 | * @throws \InvalidArgumentException |
||
65 | */ |
||
66 | protected function task_name($args) |
||
67 | { |
||
68 | if (! \is_string($args['task_name']) || $args['task_name'] == '') { |
||
69 | throw new \InvalidArgumentException('invalid or missing task_name value (set with "--task_name=".'); |
||
70 | } |
||
71 | |||
72 | return $args['task_name']; |
||
73 | } |
||
74 | |||
75 | /** |
||
76 | * @param array $args |
||
77 | * |
||
78 | * @return bool |
||
79 | */ |
||
80 | protected function automatic_garbage_collect($args) |
||
81 | { |
||
82 | if (isset($args['no-garbage-collect'])) { |
||
0 ignored issues
–
show
|
|||
83 | return FALSE; |
||
84 | } |
||
85 | |||
86 | return TRUE; |
||
87 | } |
||
88 | |||
89 | /** |
||
90 | * @param $argv |
||
91 | * |
||
92 | * @return string |
||
93 | * @throws \InvalidArgumentException |
||
94 | */ |
||
95 | protected function command($argv) |
||
96 | { |
||
97 | $command = \implode(' ', $this->escaped_command_parts($argv)); |
||
98 | if ($command === '') { |
||
99 | throw new \InvalidArgumentException('command has to be specified'); |
||
100 | } |
||
101 | |||
102 | return $command; |
||
103 | } |
||
104 | |||
105 | /** |
||
106 | * @param array $argv |
||
107 | * |
||
108 | * @return array |
||
0 ignored issues
–
show
|
|||
109 | */ |
||
110 | protected function find_sep_counter($argv) |
||
111 | { |
||
112 | $sep_counter = 0; |
||
113 | foreach ($argv as $arg) { |
||
114 | if ($arg == '--') { |
||
115 | break; |
||
116 | } |
||
117 | $sep_counter ++; |
||
118 | } |
||
119 | |||
120 | return $sep_counter; |
||
121 | } |
||
122 | |||
123 | /** |
||
124 | * @param array $argv |
||
125 | * |
||
126 | * @return array |
||
127 | */ |
||
128 | protected function find_arg_parts($argv) |
||
129 | { |
||
130 | $arg_parts = array(); |
||
131 | $key_value_strings = $this->key_value_strings($argv); |
||
132 | foreach ($key_value_strings as $key_value_string) { |
||
133 | $new = \explode('=', $key_value_string); |
||
134 | |||
135 | if (\preg_match('/\-\-/', $new[0])) { |
||
136 | $new[0] = \str_replace('--', '', $new[0]); |
||
137 | // for arguments requiring no value assignment |
||
138 | if (! isset($new[1])) { |
||
139 | $new[1] = TRUE; |
||
140 | } |
||
141 | $arg_parts[$new[0]] = $new[1]; |
||
142 | } |
||
143 | } |
||
144 | |||
145 | return $arg_parts; |
||
146 | } |
||
147 | |||
148 | /** |
||
149 | * @param array $argv |
||
150 | * |
||
151 | * @return array |
||
152 | */ |
||
153 | protected function key_value_strings($argv) |
||
154 | { |
||
155 | $key_value_strings = array(); |
||
156 | if ($this->sep_counter > 0) { |
||
157 | $key_value_strings = \array_slice($argv, 0, $this->sep_counter); |
||
158 | } |
||
159 | |||
160 | return $key_value_strings; |
||
161 | } |
||
162 | |||
163 | /** |
||
164 | * @param array $argv |
||
165 | * |
||
166 | * @return array |
||
167 | */ |
||
168 | protected function escaped_command_parts($argv) |
||
169 | { |
||
170 | $command_parts = array(); |
||
171 | if ($this->sep_counter > 0) { |
||
172 | $command_parts = \array_slice($argv, $this->sep_counter + 1); |
||
173 | } |
||
174 | |||
175 | return \array_map('escapeshellarg', $command_parts); |
||
176 | } |
||
177 | |||
178 | } |
||
179 |
This check looks for the generic type
array
as a return type and suggests a more specific type. This type is inferred from the actual code.