Completed
Push — master ( 8f0d0f...15736a )
by Дмитрий
06:53
created

UnsafeUnserialize::pass()   A

Complexity

Conditions 3
Paths 3

Size

Total Lines 19
Code Lines 11

Duplication

Lines 0
Ratio 0 %

Code Coverage

Tests 11
CRAP Score 3

Importance

Changes 1
Bugs 0 Features 0
Metric Value
cc 3
eloc 11
nc 3
nop 2
dl 0
loc 19
ccs 11
cts 11
cp 1
crap 3
rs 9.4285
c 1
b 0
f 0
<?php
namespace PHPSA\Analyzer\Pass\Expression\FunctionCall;
use PhpParser\Node\Expr\FuncCall;
use PHPSA\Context;
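/**
 * Analyzer pass that reports `unserialize()` calls made with fewer than two
 * arguments, i.e. calls that cannot restrict which classes may be instantiated
 * while the payload is decoded.
 *
 * NOTE(review): the check is purely an argument count. A call that does pass a
 * second argument is never reported, even when that argument does not restrict
 * anything (for example `['allowed_classes' => true]` or an options value built
 * at runtime). Treat a clean result from this pass as "an options argument is
 * present", not as "the call is safe for untrusted input".
 */
class UnsafeUnserialize extends AbstractFunctionCallAnalyzer
{
    const DESCRIPTION = 'Checks for use of `unserialize()` without a 2nd parameter defining the allowed classes. Requires PHP 7.0+';

    /**
     * Emits an `unsafe.unserialize` notice when `unserialize()` is called
     * without a second argument.
     *
     * @param FuncCall $funcCall Function call node under analysis.
     * @param Context $context Analysis context that receives the notice.
     * @return bool True when a notice was emitted, false otherwise.
     */
    public function pass(FuncCall $funcCall, Context $context)
    {
        $functionName = $this->resolveFunctionName($funcCall, $context);

        // Only calls resolved to unserialize() are of interest to this pass.
        if ($functionName !== 'unserialize') {
            return false;
        }

        // Fewer than two arguments means no options array was supplied, so no
        // class restriction can be in effect for this call.
        if (count($funcCall->args) < 2) {
            // The message is a fixed string; it is passed directly rather than
            // through sprintf(), which had no arguments to format and would
            // misbehave if a literal '%' were ever added to the text.
            $context->notice(
                'unsafe.unserialize',
                'unserialize() should be used with a list of allowed classes or false as 2nd parameter.',
                $funcCall
            );
            return true;
        }

        return false;
    }

    /**
     * {@inheritdoc}
     *
     * Extends the parent metadata with a required PHP version of 7.0.
     */
    public static function getMetadata()
    {
        $metaData = parent::getMetadata();
        $metaData->setRequiredPhpVersion('7.0');

        return $metaData;
    }
}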