|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
|
|
4
|
|
|
namespace TheCodingMachine\PHPStan\Rules\Superglobals; |
|
5
|
|
|
|
|
6
|
|
|
use PhpParser\Node; |
|
7
|
|
|
use PHPStan\Analyser\Scope; |
|
8
|
|
|
use PHPStan\Reflection\FunctionReflection; |
|
9
|
|
|
use PHPStan\Reflection\MethodReflection; |
|
10
|
|
|
use PHPStan\Rules\Rule; |
|
11
|
|
|
use PHPStan\ShouldNotHappenException; |
|
12
|
|
|
|
|
13
|
|
|
/** |
|
14
|
|
|
* This rule checks that no superglobals are used in code. |
|
15
|
|
|
*/ |
|
16
|
|
|
class NoSuperglobalsRule implements Rule |
|
17
|
|
|
{ |
|
18
|
|
|
public function getNodeType(): string |
|
19
|
|
|
{ |
|
20
|
|
|
return Node\Expr\Variable::class; |
|
21
|
|
|
} |
|
22
|
|
|
|
|
23
|
|
|
/** |
|
24
|
|
|
* @param Node\Expr\Variable $node |
|
25
|
|
|
* @param \PHPStan\Analyser\Scope $scope |
|
26
|
|
|
* @return string[] |
|
27
|
|
|
*/ |
|
28
|
|
|
public function processNode(Node $node, Scope $scope): array |
|
29
|
|
|
{ |
|
30
|
|
|
$function = $scope->getFunction(); |
|
31
|
|
|
// If we are at the top level (not in a function), let's ignore all this. |
|
32
|
|
|
// It might be ok. |
|
33
|
|
|
if ($function === null) { |
|
34
|
|
|
return []; |
|
35
|
|
|
} |
|
36
|
|
|
|
|
37
|
|
|
$forbiddenGlobals = [ |
|
38
|
|
|
'_GET', '_POST', '_FILES', '_COOKIE', '_SESSION', '_REQUEST' |
|
39
|
|
|
]; |
|
40
|
|
|
|
|
41
|
|
|
if (\in_array($node->name, $forbiddenGlobals, true)) { |
|
42
|
|
|
$prefix = ''; |
|
43
|
|
|
if ($function instanceof MethodReflection) { |
|
|
|
|
|
|
44
|
|
|
$prefix = 'In method "'.$function->getDeclaringClass()->getName().'::'.$function->getName().'", '; |
|
45
|
|
|
} elseif ($function instanceof FunctionReflection) { |
|
|
|
|
|
|
46
|
|
|
$prefix = 'In function "'.$function->getName().'", '; |
|
47
|
|
|
} |
|
48
|
|
|
|
|
49
|
|
|
return [$prefix.'you should not use the $'.$node->name.' superglobal. You should instead rely on your framework that provides you with a "request" object (for instance a PSR-7 RequestInterface or a Symfony Request).']; |
|
50
|
|
|
} |
|
51
|
|
|
|
|
52
|
|
|
return []; |
|
53
|
|
|
} |
|
54
|
|
|
} |
|
55
|
|
|
|
thecodingmachine /
phpstan-strict-rules
Loading history...
This error could be the result of:
1. Missing dependencies
PHP Analyzer uses your
composer.jsonfile (if available) to determine the dependencies of your project and to determine all the available classes and functions. It expects thecomposer.jsonto be in the root folder of your repository.Are you sure this class is defined by one of your dependencies, or did you maybe not list a dependency in either the
requireorrequire-devsection?2. Missing use statement
PHP does not complain about undefined classes in
ìnstanceofchecks. For example, the following PHP code will work perfectly fine:If you have not tested against this specific condition, such errors might go unnoticed.