Issues in LintCommand.php (master) - Issues in master - overtrue/phplint - Measure and Improve Code Quality continuously with Scrutinizer

Issues (10)

Security Analysis no request data

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/Command/LintCommand.php (4 issues)

Labels

Severity

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/*
 * This file is part of the overtrue/phplint
 *
 * (c) overtrue <[email protected]>
 *
 * This source file is subject to the MIT license that is bundled
 * with this source code in the file LICENSE.
 */

namespace Overtrue\PHPLint\Command;

use DateTime;
use Exception;
use JakubOnderka\PhpConsoleColor\ConsoleColor;
use JakubOnderka\PhpConsoleHighlighter\Highlighter;
use N98\JUnitXml\Document;
use Overtrue\PHPLint\Cache;
use Overtrue\PHPLint\Linter;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Helper\Helper;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Terminal;
use Symfony\Component\Finder\SplFileInfo;
use Symfony\Component\Yaml\Exception\ParseException;
use Symfony\Component\Yaml\Yaml;

/**
 * Class LintCommand.
 */
class LintCommand extends Command
{
    /**
     * @var array
     */
    protected $defaults = [
        'jobs' => 5,
        'path' => '.',
        'exclude' => [],
        'extensions' => ['php'],
        'warning' => false
    ];

    /**
     * @var \Symfony\Component\Console\Input\InputInterface
     */
    protected $input;

    /**
     * @var \Symfony\Component\Console\Output\OutputInterface
     */
    protected $output;

    /**
     * Configures the current command.
     */
    protected function configure()
    {
        $this
            ->setName('phplint')
            ->setDescription('Lint something')
            ->addArgument(
                'path',
                InputArgument::OPTIONAL | InputArgument::IS_ARRAY,
                'Path to file or directory to lint.'
            )
            ->addOption(
                'exclude',
                null,
                InputOption::VALUE_REQUIRED | InputOption::VALUE_IS_ARRAY,
                'Path to file or directory to exclude from linting'
            )
            ->addOption(
                'extensions',
                null,
                InputOption::VALUE_REQUIRED,
                'Check only files with selected extensions (default: php)'
            )
            ->addOption(
                'jobs',
                'j',
                InputOption::VALUE_REQUIRED,
                'Number of parraled jobs to run (default: 5)'
            )
            ->addOption(
                'configuration',
                'c',
                InputOption::VALUE_REQUIRED,
                'Read configuration from config file (default: ./.phplint.yml).'
            )
            ->addOption(
                'no-configuration',
                null,
                InputOption::VALUE_NONE,
                'Ignore default configuration file (default: ./.phplint.yml).'
            )
            ->addOption(
                'no-cache',
                null,
                InputOption::VALUE_NONE,
                'Ignore cached data.'
            )
            ->addOption(
                'cache',
                null,
                InputOption::VALUE_REQUIRED,
                'Path to the cache file.'
            )
            ->addOption(
                'no-progress',
                null,
                InputOption::VALUE_NONE,
                'Hide the progress output.'
            )
            ->addOption(
                'json',
                null,
                InputOption::VALUE_OPTIONAL,
                'Path to store JSON results.'
            )
            ->addOption(
                'xml',
                null,
                InputOption::VALUE_OPTIONAL,
                'Path to store JUnit XML results.'
            )
            ->addOption(
                'warning',
                'w',
                InputOption::VALUE_NONE,
                'Also show warnings.'
            )
            ->addOption(
                'quiet',
                'q',
                InputOption::VALUE_NONE,
                'Allow to silenty fail.'
            );
    }

    /**
     * Initializes the command just after the input has been validated.
     *
     * This is mainly useful when a lot of commands extends one main command
     * where some things need to be initialized based on the input arguments and options.
     *
     * @param InputInterface  $input  An InputInterface instance
     * @param OutputInterface $output An OutputInterface instance
     */
    public function initialize(InputInterface $input, OutputInterface $output)
    {
        $this->input = $input;
        $this->output = $output;
    }

    /**
     * Executes the current command.
     *
     * This method is not abstract because you can use this class
     * as a concrete class. In this case, instead of defining the
     * execute() method, you set the code to execute by passing
     * a Closure to the setCode() method.
     *
     * @param InputInterface  $input  An InputInterface instance
     * @param OutputInterface $output An OutputInterface instance
     *
     * @throws \LogicException When this abstract method is not implemented
     *
     * @return null|int null or 0 if everything went fine, or an error code
     *
     * @see setCode()
     *
     * @throws \JakubOnderka\PhpConsoleColor\InvalidStyleException
     */
    protected function execute(InputInterface $input, OutputInterface $output)
    {
        $startTime = microtime(true);
        $startMemUsage = memory_get_usage(true);

        $output->writeln($this->getApplication()->getLongVersion() . " by overtrue and contributors.\n");

        $options = $this->mergeOptions();
        $verbosity = $output->getVerbosity();

        if ($verbosity >= OutputInterface::VERBOSITY_DEBUG) {
            $output->writeln('Options: ' . json_encode($options) . "\n");
        }

        $linter = new Linter($options['path'], $options['exclude'], $options['extensions'], $options['warning']);
        $linter->setProcessLimit($options['jobs']);

        if (!empty($options['cache'])) {
            Cache::setFilename($options['cache']);
        }

        $usingCache = 'No';
        if (!$input->getOption('no-cache') && Cache::isCached()) {
            $usingCache = 'Yes';
            $linter->setCache(Cache::get());
        }

        $fileCount = count($linter->getFiles());

        if ($fileCount <= 0) {
            $output->writeln('<info>Could not find files to lint</info>');

            return 0;
        }

        $errors = $this->executeLint($linter, $input, $output, $fileCount);

        $timeUsage = Helper::formatTime(microtime(true) - $startTime);
        $memUsage = Helper::formatMemory(memory_get_usage(true) - $startMemUsage);

        $code = 0;
        $errCount = count($errors);

        $output->writeln(sprintf(
            "\n\nTime: <info>%s</info>\tMemory: <info>%s</info>\tCache: <info>%s</info>\n",
            $timeUsage,
            $memUsage,
            $usingCache
        ));

        if ($errCount > 0) {
            $output->writeln('<error>FAILURES!</error>');
            $output->writeln("<error>Files: {$fileCount}, Failures: {$errCount}</error>");
            $this->showErrors($errors);

            if (empty($options['quiet'])) {
                $code = 1;
            }
        } else {
            $output->writeln("<info>OK! (Files: {$fileCount}, Success: {$fileCount})</info>");
        }

        $context = [
            'time_usage' => $timeUsage,
            'memory_usage' => $memUsage,
            'using_cache' => 'Yes' == $usingCache,
            'files_count' => $fileCount,
        ];

        if (!empty($options['json'])) {
            $this->dumpJsonResult((string) $options['json'], $errors, $options, $context);
        }

        if (!empty($options['xml'])) {
            $this->dumpXmlResult((string) $options['xml'], $errors, $options, $context);
        }

        return $code;
    }

    /**
     * @param string $path
     * @param array  $errors
     * @param array  $options
     * @param array  $context
     */
    protected function dumpJsonResult($path, array $errors, array $options, array $context = [])
    {
        $result = [
            'status' => 'success',
            'options' => $options,
            'errors' => $errors,
        ];

        \file_put_contents($path, \json_encode(\array_merge($result, $context)));
    }

    /**
     * @param string $path
     * @param array  $errors
     * @param array  $options
     * @param array  $context
     *
     * @throws Exception
     */
    protected function dumpXmlResult($path, array $errors, array $options, array $context = [])

    {
        $document = new Document();
        $suite = $document->addTestSuite();
        $suite->setName('PHP Linter');
        $suite->setTimestamp(new DateTime());
        $suite->setTime($context['time_usage']);
        $testCase = $suite->addTestCase();
        foreach ($errors as $errorName => $value) {
            $testCase->addError($errorName, 'Error', $value['error']);
        }
        $document->save($path);
    }

    /**
     * Execute lint and return errors.
     *
     * @param Linter          $linter
     * @param InputInterface  $input
     * @param OutputInterface $output
     * @param int             $fileCount
     *
     * @return array
     */
    protected function executeLint($linter, $input, $output, $fileCount)
    {
        $cache = !$input->getOption('no-cache');
        $maxColumns = floor((new Terminal())->getWidth() / 2);
        $verbosity = $output->getVerbosity();
        $displayProgress = !$input->getOption('no-progress');

        $displayProgress && $linter->setProcessCallback(function ($status, SplFileInfo $file) use ($output, $verbosity, $fileCount, $maxColumns) {
            static $i = 1;

            $percent = floor(($i / $fileCount) * 100);
            $process = str_pad(" {$i} / {$fileCount} ({$percent}%)", 18, ' ', STR_PAD_LEFT);

            if ($verbosity >= OutputInterface::VERBOSITY_VERBOSE) {
                $filename = str_pad(" {$i}: " . $file->getRelativePathname(), $maxColumns - 10, ' ', \STR_PAD_RIGHT);
                if ($status === 'ok') {

                    $status = '<info>OK</info>';
                } elseif ($status === 'error') {
                    $status = '<error>Error</error>';
                } else {
                    $status = '<error>Warning</error>';
                }

                $status = \str_pad($status, 20, ' ', \STR_PAD_RIGHT);
                $output->writeln(\sprintf("%s\t%s\t%s", $filename, $status, $process));
            } else {
                if ($i && 0 === $i % $maxColumns) {
                    $output->writeln($process);
                }
                if ($status === 'ok') {

                    $status = '<info>.</info>';
                } elseif ($status === 'error') {
                    $status = '<error>E</error>';
                } else {
                    $status = '<error>W</error>';
                }

                $output->write($status);
            }
            ++$i;
        });

        $displayProgress || $output->write('<info>Checking...</info>');

        return $linter->lint([], $cache);
    }

    /**
     * Show errors detail.
     *
     * @param array $errors
     *
     * @throws \JakubOnderka\PhpConsoleColor\InvalidStyleException
     */
    protected function showErrors($errors)
    {
        $i = 0;
        $this->output->writeln("\nThere was " . count($errors) . ' errors:');

        foreach ($errors as $filename => $error) {
            $this->output->writeln('<comment>' . ++$i . ". {$filename}:{$error['line']}" . '</comment>');

            $this->output->write($this->getHighlightedCodeSnippet($filename, $error['line']));

            $this->output->writeln("<error> {$error['error']}</error>");
        }
    }

    /**
     * @param string $filePath
     * @param int    $lineNumber
     * @param int    $linesBefore
     * @param int    $linesAfter
     *
     * @return string
     */
    protected function getCodeSnippet($filePath, $lineNumber, $linesBefore = 3, $linesAfter = 3)
    {
        $lines = file($filePath);
        $offset = $lineNumber - $linesBefore - 1;
        $offset = max($offset, 0);
        $length = $linesAfter + $linesBefore + 1;
        $lines = array_slice($lines, $offset, $length, $preserveKeys = true);
        end($lines);
        $lineStrlen = strlen(key($lines) + 1);
        $snippet = '';

        foreach ($lines as $i => $line) {
            $snippet .= (abs($lineNumber) === $i + 1 ? '  > ' : '    ');
            $snippet .= str_pad($i + 1, $lineStrlen, ' ', STR_PAD_LEFT) . '| ' . rtrim($line) . PHP_EOL;
        }

        return $snippet;
    }

    /**
     * @param string $filePath
     * @param int    $lineNumber
     * @param int    $linesBefore
     * @param int    $linesAfter
     *
     * @return string
     *
     * @throws \JakubOnderka\PhpConsoleColor\InvalidStyleException
     */
    public function getHighlightedCodeSnippet($filePath, $lineNumber, $linesBefore = 3, $linesAfter = 3)
    {
        if (
            !class_exists('\JakubOnderka\PhpConsoleHighlighter\Highlighter') ||
            !class_exists('\JakubOnderka\PhpConsoleColor\ConsoleColor')
        ) {
            return $this->getCodeSnippet($filePath, $lineNumber, $linesBefore, $linesAfter);
        }

        $colors = new ConsoleColor();
        $highlighter = new Highlighter($colors);
        $fileContent = file_get_contents($filePath);

        return $highlighter->getCodeSnippet($fileContent, $lineNumber, $linesBefore, $linesAfter);
    }

    /**
     * Merge options.
     *
     * @return array
     */
    protected function mergeOptions()
    {
        $options = $this->input->getOptions();
        $options['path'] = $this->input->getArgument('path');
        $options['cache'] = $this->input->getOption('cache');
        if ($options['warning'] === false) {
            unset($options['warning']);
        }

        $config = [];

        if (!$this->input->getOption('no-configuration')) {
            $filename = $this->getConfigFile();

            if (empty($options['configuration']) && $filename) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
                $options['configuration'] = $filename;
            }

            if (!empty($options['configuration'])) {
                $this->output->writeln("<comment>Loaded config from \"{$options['configuration']}\"</comment>\n");
                $config = $this->loadConfiguration($options['configuration']);
            } else {
                $this->output->writeln("<comment>No config file loaded.</comment>\n");
            }
        } else {
            $this->output->writeln("<comment>No config file loaded.</comment>\n");
        }

        $options = array_merge($this->defaults, array_filter($config), array_filter($options));

        is_array($options['extensions']) || $options['extensions'] = explode(',', $options['extensions']);

        return $options;
    }

    /**
     * Get configuration file.
     *
     * @return string|null
     */
    protected function getConfigFile()
    {
        $inputPath = $this->input->getArgument('path');

        $dir = './';

        if (1 == count($inputPath) && $first = reset($inputPath)) {
            $dir = is_dir($first) ? $first : dirname($first);
        }

        $filename = rtrim($dir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR . '.phplint.yml';

        return realpath($filename);
    }

    /**
     * Load configuration from yaml.
     *
     * @param string $path
     *
     * @return array
     */
    protected function loadConfiguration($path)
    {
        try {
            $configuration = Yaml::parse(file_get_contents($path));
            if (!is_array($configuration)) {
                throw new ParseException('Invalid content.', 1);
            }

            return $configuration;
        } catch (ParseException $e) {
            $this->output->writeln(sprintf('<error>Unable to parse the YAML string: %s</error>', $e->getMessage()));

            return [];
        }
    }
}


1		<?php
2
3		/*
4		* This file is part of the overtrue/phplint
5		*
6		* (c) overtrue <[email protected]>
7		*
8		* This source file is subject to the MIT license that is bundled
9		* with this source code in the file LICENSE.
10		*/
11
12		namespace Overtrue\PHPLint\Command;
13
14		use DateTime;
15		use Exception;
16		use JakubOnderka\PhpConsoleColor\ConsoleColor;
17		use JakubOnderka\PhpConsoleHighlighter\Highlighter;
18		use N98\JUnitXml\Document;
19		use Overtrue\PHPLint\Cache;
20		use Overtrue\PHPLint\Linter;
21		use Symfony\Component\Console\Command\Command;
22		use Symfony\Component\Console\Helper\Helper;
23		use Symfony\Component\Console\Input\InputArgument;
24		use Symfony\Component\Console\Input\InputInterface;
25		use Symfony\Component\Console\Input\InputOption;
26		use Symfony\Component\Console\Output\OutputInterface;
27		use Symfony\Component\Console\Terminal;
28		use Symfony\Component\Finder\SplFileInfo;
29		use Symfony\Component\Yaml\Exception\ParseException;
30		use Symfony\Component\Yaml\Yaml;
31
32		/**
33		* Class LintCommand.
34		*/
35		class LintCommand extends Command
36		{
37		/**
38		* @var array
39		*/
40		protected $defaults = [
41		'jobs' => 5,
42		'path' => '.',
43		'exclude' => [],
44		'extensions' => ['php'],
45		'warning' => false
46		];
47
48		/**
49		* @var \Symfony\Component\Console\Input\InputInterface
50		*/
51		protected $input;
52
53		/**
54		* @var \Symfony\Component\Console\Output\OutputInterface
55		*/
56		protected $output;
57
58		/**
59		* Configures the current command.
60		*/
61		protected function configure()
62		{
63		$this
64		->setName('phplint')
65		->setDescription('Lint something')
66		->addArgument(
67		'path',
68		InputArgument::OPTIONAL \| InputArgument::IS_ARRAY,
69		'Path to file or directory to lint.'
70		)
71		->addOption(
72		'exclude',
73		null,
74		InputOption::VALUE_REQUIRED \| InputOption::VALUE_IS_ARRAY,
75		'Path to file or directory to exclude from linting'
76		)
77		->addOption(
78		'extensions',
79		null,
80		InputOption::VALUE_REQUIRED,
81		'Check only files with selected extensions (default: php)'
82		)
83		->addOption(
84		'jobs',
85		'j',
86		InputOption::VALUE_REQUIRED,
87		'Number of parraled jobs to run (default: 5)'
88		)
89		->addOption(
90		'configuration',
91		'c',
92		InputOption::VALUE_REQUIRED,
93		'Read configuration from config file (default: ./.phplint.yml).'
94		)
95		->addOption(
96		'no-configuration',
97		null,
98		InputOption::VALUE_NONE,
99		'Ignore default configuration file (default: ./.phplint.yml).'
100		)
101		->addOption(
102		'no-cache',
103		null,
104		InputOption::VALUE_NONE,
105		'Ignore cached data.'
106		)
107		->addOption(
108		'cache',
109		null,
110		InputOption::VALUE_REQUIRED,
111		'Path to the cache file.'
112		)
113		->addOption(
114		'no-progress',
115		null,
116		InputOption::VALUE_NONE,
117		'Hide the progress output.'
118		)
119		->addOption(
120		'json',
121		null,
122		InputOption::VALUE_OPTIONAL,
123		'Path to store JSON results.'
124		)
125		->addOption(
126		'xml',
127		null,
128		InputOption::VALUE_OPTIONAL,
129		'Path to store JUnit XML results.'
130		)
131		->addOption(
132		'warning',
133		'w',
134		InputOption::VALUE_NONE,
135		'Also show warnings.'
136		)
137		->addOption(
138		'quiet',
139		'q',
140		InputOption::VALUE_NONE,
141		'Allow to silenty fail.'
142		);
143		}
144
145		/**
146		* Initializes the command just after the input has been validated.
147		*
148		* This is mainly useful when a lot of commands extends one main command
149		* where some things need to be initialized based on the input arguments and options.
150		*
151		* @param InputInterface $input An InputInterface instance
152		* @param OutputInterface $output An OutputInterface instance
153		*/
154		public function initialize(InputInterface $input, OutputInterface $output)
155		{
156		$this->input = $input;
157		$this->output = $output;
158		}
159
160		/**
161		* Executes the current command.
162		*
163		* This method is not abstract because you can use this class
164		* as a concrete class. In this case, instead of defining the
165		* execute() method, you set the code to execute by passing
166		* a Closure to the setCode() method.
167		*
168		* @param InputInterface $input An InputInterface instance
169		* @param OutputInterface $output An OutputInterface instance
170		*
171		* @throws \LogicException When this abstract method is not implemented
172		*
173		* @return null\|int null or 0 if everything went fine, or an error code
174		*
175		* @see setCode()
176		*
177		* @throws \JakubOnderka\PhpConsoleColor\InvalidStyleException
178		*/
179		protected function execute(InputInterface $input, OutputInterface $output)
180		{
181		$startTime = microtime(true);
182		$startMemUsage = memory_get_usage(true);
183
184		$output->writeln($this->getApplication()->getLongVersion() . " by overtrue and contributors.\n");
185
186		$options = $this->mergeOptions();
187		$verbosity = $output->getVerbosity();
188
189		if ($verbosity >= OutputInterface::VERBOSITY_DEBUG) {
190		$output->writeln('Options: ' . json_encode($options) . "\n");
191		}
192
193		$linter = new Linter($options['path'], $options['exclude'], $options['extensions'], $options['warning']);
194		$linter->setProcessLimit($options['jobs']);
195
196		if (!empty($options['cache'])) {
197		Cache::setFilename($options['cache']);
198		}
199
200		$usingCache = 'No';
201		if (!$input->getOption('no-cache') && Cache::isCached()) {
202		$usingCache = 'Yes';
203		$linter->setCache(Cache::get());
204		}
205
206		$fileCount = count($linter->getFiles());
207
208		if ($fileCount <= 0) {
209		$output->writeln('<info>Could not find files to lint</info>');
210
211		return 0;
212		}
213
214		$errors = $this->executeLint($linter, $input, $output, $fileCount);
215
216		$timeUsage = Helper::formatTime(microtime(true) - $startTime);
217		$memUsage = Helper::formatMemory(memory_get_usage(true) - $startMemUsage);
218
219		$code = 0;
220		$errCount = count($errors);
221
222		$output->writeln(sprintf(
223		"\n\nTime: <info>%s</info>\tMemory: <info>%s</info>\tCache: <info>%s</info>\n",
224		$timeUsage,
225		$memUsage,
226		$usingCache
227		));
228
229		if ($errCount > 0) {
230		$output->writeln('<error>FAILURES!</error>');
231		$output->writeln("<error>Files: {$fileCount}, Failures: {$errCount}</error>");
232		$this->showErrors($errors);
233
234		if (empty($options['quiet'])) {
235		$code = 1;
236		}
237		} else {
238		$output->writeln("<info>OK! (Files: {$fileCount}, Success: {$fileCount})</info>");
239		}
240
241		$context = [
242		'time_usage' => $timeUsage,
243		'memory_usage' => $memUsage,
244		'using_cache' => 'Yes' == $usingCache,
245		'files_count' => $fileCount,
246		];
247
248		if (!empty($options['json'])) {
249		$this->dumpJsonResult((string) $options['json'], $errors, $options, $context);
250		}
251
252		if (!empty($options['xml'])) {
253		$this->dumpXmlResult((string) $options['xml'], $errors, $options, $context);
254		}
255
256		return $code;
257		}
258
259		/**
260		* @param string $path
261		* @param array $errors
262		* @param array $options
263		* @param array $context
264		*/
265		protected function dumpJsonResult($path, array $errors, array $options, array $context = [])
266		{
267		$result = [
268		'status' => 'success',
269		'options' => $options,
270		'errors' => $errors,
271		];
272
273		\file_put_contents($path, \json_encode(\array_merge($result, $context)));
274		}
275
276		/**
277		* @param string $path
278		* @param array $errors
279		* @param array $options
280		* @param array $context
281		*
282		* @throws Exception
283		*/
284		protected function dumpXmlResult($path, array $errors, array $options, array $context = [])
		0 ignored issues – show Unused Code introduced 2020-03-05 08:24 UTC by Report Bug Copy Issue Report Show Similar Issues like this The parameter `$options` is not used and could be removed. This check looks from parameters that have been defined for a function or method, but which are not used in the method body. Loading history...
285		{
286		$document = new Document();
287		$suite = $document->addTestSuite();
288		$suite->setName('PHP Linter');
289		$suite->setTimestamp(new DateTime());
290		$suite->setTime($context['time_usage']);
291		$testCase = $suite->addTestCase();
292		foreach ($errors as $errorName => $value) {
293		$testCase->addError($errorName, 'Error', $value['error']);
294		}
295		$document->save($path);
296		}
297
298		/**
299		* Execute lint and return errors.
300		*
301		* @param Linter $linter
302		* @param InputInterface $input
303		* @param OutputInterface $output
304		* @param int $fileCount
305		*
306		* @return array
307		*/
308		protected function executeLint($linter, $input, $output, $fileCount)
309		{
310		$cache = !$input->getOption('no-cache');
311		$maxColumns = floor((new Terminal())->getWidth() / 2);
312		$verbosity = $output->getVerbosity();
313		$displayProgress = !$input->getOption('no-progress');
314
315		$displayProgress && $linter->setProcessCallback(function ($status, SplFileInfo $file) use ($output, $verbosity, $fileCount, $maxColumns) {
316		static $i = 1;
317
318		$percent = floor(($i / $fileCount) * 100);
319		$process = str_pad(" {$i} / {$fileCount} ({$percent}%)", 18, ' ', STR_PAD_LEFT);
320
321		if ($verbosity >= OutputInterface::VERBOSITY_VERBOSE) {
322		$filename = str_pad(" {$i}: " . $file->getRelativePathname(), $maxColumns - 10, ' ', \STR_PAD_RIGHT);
323	View Code Duplication	if ($status === 'ok') {
		0 ignored issues – show Duplication introduced 2020-10-01 21:21 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
324		$status = '<info>OK</info>';
325		} elseif ($status === 'error') {
326		$status = '<error>Error</error>';
327		} else {
328		$status = '<error>Warning</error>';
329		}
330
331		$status = \str_pad($status, 20, ' ', \STR_PAD_RIGHT);
332		$output->writeln(\sprintf("%s\t%s\t%s", $filename, $status, $process));
333		} else {
334		if ($i && 0 === $i % $maxColumns) {
335		$output->writeln($process);
336		}
337	View Code Duplication	if ($status === 'ok') {
		0 ignored issues – show Duplication introduced 2020-10-01 21:21 UTC by Report Bug Copy Issue Report Show Similar Issues like this This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
338		$status = '<info>.</info>';
339		} elseif ($status === 'error') {
340		$status = '<error>E</error>';
341		} else {
342		$status = '<error>W</error>';
343		}
344
345		$output->write($status);
346		}
347		++$i;
348		});
349
350		$displayProgress \|\| $output->write('<info>Checking...</info>');
351
352		return $linter->lint([], $cache);
353		}
354
355		/**
356		* Show errors detail.
357		*
358		* @param array $errors
359		*
360		* @throws \JakubOnderka\PhpConsoleColor\InvalidStyleException
361		*/
362		protected function showErrors($errors)
363		{
364		$i = 0;
365		$this->output->writeln("\nThere was " . count($errors) . ' errors:');
366
367		foreach ($errors as $filename => $error) {
368		$this->output->writeln('<comment>' . ++$i . ". {$filename}:{$error['line']}" . '</comment>');
369
370		$this->output->write($this->getHighlightedCodeSnippet($filename, $error['line']));
371
372		$this->output->writeln("<error> {$error['error']}</error>");
373		}
374		}
375
376		/**
377		* @param string $filePath
378		* @param int $lineNumber
379		* @param int $linesBefore
380		* @param int $linesAfter
381		*
382		* @return string
383		*/
384		protected function getCodeSnippet($filePath, $lineNumber, $linesBefore = 3, $linesAfter = 3)
385		{
386		$lines = file($filePath);
387		$offset = $lineNumber - $linesBefore - 1;
388		$offset = max($offset, 0);
389		$length = $linesAfter + $linesBefore + 1;
390		$lines = array_slice($lines, $offset, $length, $preserveKeys = true);
391		end($lines);
392		$lineStrlen = strlen(key($lines) + 1);
393		$snippet = '';
394
395		foreach ($lines as $i => $line) {
396		$snippet .= (abs($lineNumber) === $i + 1 ? ' > ' : ' ');
397		$snippet .= str_pad($i + 1, $lineStrlen, ' ', STR_PAD_LEFT) . '\| ' . rtrim($line) . PHP_EOL;
398		}
399
400		return $snippet;
401		}
402
403		/**
404		* @param string $filePath
405		* @param int $lineNumber
406		* @param int $linesBefore
407		* @param int $linesAfter
408		*
409		* @return string
410		*
411		* @throws \JakubOnderka\PhpConsoleColor\InvalidStyleException
412		*/
413		public function getHighlightedCodeSnippet($filePath, $lineNumber, $linesBefore = 3, $linesAfter = 3)
414		{
415		if (
416		!class_exists('\JakubOnderka\PhpConsoleHighlighter\Highlighter') \|\|
417		!class_exists('\JakubOnderka\PhpConsoleColor\ConsoleColor')
418		) {
419		return $this->getCodeSnippet($filePath, $lineNumber, $linesBefore, $linesAfter);
420		}
421
422		$colors = new ConsoleColor();
423		$highlighter = new Highlighter($colors);
424		$fileContent = file_get_contents($filePath);
425
426		return $highlighter->getCodeSnippet($fileContent, $lineNumber, $linesBefore, $linesAfter);
427		}
428
429		/**
430		* Merge options.
431		*
432		* @return array
433		*/
434		protected function mergeOptions()
435		{
436		$options = $this->input->getOptions();
437		$options['path'] = $this->input->getArgument('path');
438		$options['cache'] = $this->input->getOption('cache');
439		if ($options['warning'] === false) {
440		unset($options['warning']);
441		}
442
443		$config = [];
444
445		if (!$this->input->getOption('no-configuration')) {
446		$filename = $this->getConfigFile();
447
448		if (empty($options['configuration']) && $filename) {
		0 ignored issues – show Bug Best Practice introduced 2016-10-31 04:00 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$filename` of type `string\|null` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== null` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
449		$options['configuration'] = $filename;
450		}
451
452		if (!empty($options['configuration'])) {
453		$this->output->writeln("<comment>Loaded config from \"{$options['configuration']}\"</comment>\n");
454		$config = $this->loadConfiguration($options['configuration']);
455		} else {
456		$this->output->writeln("<comment>No config file loaded.</comment>\n");
457		}
458		} else {
459		$this->output->writeln("<comment>No config file loaded.</comment>\n");
460		}
461
462		$options = array_merge($this->defaults, array_filter($config), array_filter($options));
463
464		is_array($options['extensions']) \|\| $options['extensions'] = explode(',', $options['extensions']);
465
466		return $options;
467		}
468
469		/**
470		* Get configuration file.
471		*
472		* @return string\|null
473		*/
474		protected function getConfigFile()
475		{
476		$inputPath = $this->input->getArgument('path');
477
478		$dir = './';
479
480		if (1 == count($inputPath) && $first = reset($inputPath)) {
481		$dir = is_dir($first) ? $first : dirname($first);
482		}
483
484		$filename = rtrim($dir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR . '.phplint.yml';
485
486		return realpath($filename);
487		}
488
489		/**
490		* Load configuration from yaml.
491		*
492		* @param string $path
493		*
494		* @return array
495		*/
496		protected function loadConfiguration($path)
497		{
498		try {
499		$configuration = Yaml::parse(file_get_contents($path));
500		if (!is_array($configuration)) {
501		throw new ParseException('Invalid content.', 1);
502		}
503
504		return $configuration;
505		} catch (ParseException $e) {
506		$this->output->writeln(sprintf('<error>Unable to parse the YAML string: %s</error>', $e->getMessage()));
507
508		return [];
509		}
510		}
511		}
512

overtrue / phplint

Issues (10)

Security Analysis no request data

src/Command/LintCommand.php (4 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like