ForbiddenCallTimePassByReferenceSniff - Code Metrics - Inspection of "Fix false positives on assign-by-reference within..." - wimg/PHPCompatibility - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#302)

by Juliette

created 2016-12-14 05:30 UTC

ForbiddenCallTimePassByReferenceSniff B

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	208
Duplicated Lines	1.44 %

Coupling/Cohesion

Components	1
Dependencies	3

Importance

Changes

Metric	Value
wmc	43
lcom	1
cbo	3
dl	3
loc	208
rs	8.3157
c	0
b	0
f	0

3 Methods

Rating	Name	Duplication	Size	Complexity
A	register()	0	5	1
C	process()	3	72	12
D	isCallTimePassByReferenceParam()	0	109	30

How to fix Duplicated Code Complexity

Duplicated Code

Duplicate code is one of the most pungent code smells. A rule that is often used is to re-structure code once it is duplicated in three or more places.

Common duplication problems, and corresponding solutions are:

If you have the same expression in different places: Extract expression to a method
If you have the same method in different sub-classes: Extract method, and pull up field to the parent class
If you have the same code in unrelated classes: Consider extracting the code to a new class, and injecting that class

Complex Class

Tip: Before tackling complexity, make sure that you eliminate any duplication first. This often can reduce the size of classes significantly.

Complex classes like ForbiddenCallTimePassByReferenceSniff often do a lot of different things. To break such a class down, we need to identify a cohesive component within that class. A common approach to find such a component is to look for fields/methods that share the same prefixes, or suffixes. You can also have a look at the cohesion graph to spot any un-connected, or weakly-connected components.

Once you have determined the fields that belong together, you can apply the Extract Class refactoring. If the component makes sense as a sub-class, Extract Subclass is also a candidate, and is often faster.

While breaking up the class, it is a good idea to analyze how other classes use ForbiddenCallTimePassByReferenceSniff, and based on these observations, apply Extract Interface, too.

<?php
/**
 * PHPCompatibility_Sniffs_PHP_ForbiddenCallTimePassByReference.
 *
 * PHP version 5.4
 *
 * @category  PHP
 * @package   PHPCompatibility
 * @author    Gary Rogers <[email protected]>
 * @author    Florian Grandel <[email protected]>
 * @copyright 2009 Florian Grandel
 * @license   https://github.com/squizlabs/PHP_CodeSniffer/blob/master/licence.txt BSD Licence
 */

/**
 * PHPCompatibility_Sniffs_PHP_ForbiddenCallTimePassByReference.
 *
 * Discourages the use of call time pass by references
 *
 * PHP version 5.4
 *
 * @category  PHP
 * @package   PHPCompatibility
 * @author    Gary Rogers <[email protected]>
 * @author    Florian Grandel <[email protected]>
 * @copyright 2009 Florian Grandel
 * @license   https://github.com/squizlabs/PHP_CodeSniffer/blob/master/licence.txt BSD Licence
 */
class PHPCompatibility_Sniffs_PHP_ForbiddenCallTimePassByReferenceSniff extends PHPCompatibility_Sniff
namespace YourVendor;

class YourClass { }
{

    /**
     * Returns an array of tokens this test wants to listen for.
     *
     * @return array
     */
    public function register()
    {
        return array(T_STRING);

    }//end register()

    /**
     * Processes this test, when one of its tokens is encountered.
     *
     * @param PHP_CodeSniffer_File $phpcsFile The file being scanned.
     * @param int                  $stackPtr  The position of the current token
     *                                        in the stack passed in $tokens.
     *
     * @return void
     */
    public function process(PHP_CodeSniffer_File $phpcsFile, $stackPtr)
    {
        if ($this->supportsAbove('5.3') === false) {
            return;
        }

        $tokens = $phpcsFile->getTokens();

        // Skip tokens that are the names of functions or classes
        // within their definitions. For example: function myFunction...
        // "myFunction" is T_STRING but we should skip because it is not a
        // function or method *call*.
        $findTokens = array_merge(
            PHP_CodeSniffer_Tokens::$emptyTokens,
            array(T_BITWISE_AND)
        );

        $prevNonEmpty = $phpcsFile->findPrevious(
            $findTokens,
            ($stackPtr - 1),
            null,
            true
        );

        if ($prevNonEmpty !== false && in_array($tokens[$prevNonEmpty]['code'], array(T_FUNCTION, T_CLASS, T_INTERFACE, T_TRAIT), true)) {
            return;
        }

        // If the next non-whitespace token after the function or method call
        // is not an opening parenthesis then it can't really be a *call*.
        $openBracket = $phpcsFile->findNext(
            PHP_CodeSniffer_Tokens::$emptyTokens,
            ($stackPtr + 1),
            null,
            true
        );

        if ($openBracket === false || $tokens[$openBracket]['code'] !== T_OPEN_PARENTHESIS
           || isset($tokens[$openBracket]['parenthesis_closer']) === false
        ) {
            return;
        }

        // Get the function call parameters.
        $parameters = $this->getFunctionCallParameters($phpcsFile, $stackPtr);
        if (count($parameters) === 0) {
            return;
        }

        // Which nesting level is the one we are interested in ?
        $nestedParenthesisCount = 1;
        if (isset($tokens[$openBracket]['nested_parenthesis'])) {

            $nestedParenthesisCount = count($tokens[$openBracket]['nested_parenthesis']) + 1;
        }

        foreach ($parameters as $parameter) {
            if ($this->isCallTimePassByReferenceParam($phpcsFile, $parameter, $nestedParenthesisCount) === true) {
                // T_BITWISE_AND represents a pass-by-reference.
                $error     = 'Using a call-time pass-by-reference is deprecated since PHP 5.3';
                $isError   = false;
                $errorCode = 'Deprecated';

                if($this->supportsAbove('5.4')) {
                    $error    .= ' and prohibited since PHP 5.4';
                    $isError   = true;
                    $errorCode = 'NotAllowed';
                }

                $this->addMessage($phpcsFile, $error, $parameter['start'], $isError, $errorCode);
            }
        }
    }//end process()


    protected function isCallTimePassByReferenceParam(PHP_CodeSniffer_File $phpcsFile, $parameter, $nestingLevel)
    {
        $tokens   = $phpcsFile->getTokens();

        $searchStartToken = $parameter['start'] - 1;
        $searchEndToken   = $parameter['end'] + 1;
        $nextVariable     = $searchStartToken;
        do {
            $nextVariable = $phpcsFile->findNext(T_VARIABLE, ($nextVariable + 1), $searchEndToken);
            if ($nextVariable === false) {
                return false;
            }

            // Make sure the variable belongs directly to this function call
            // and is not inside a nested function call or array.
            if (isset($tokens[$nextVariable]['nested_parenthesis']) === false ||
               (count($tokens[$nextVariable]['nested_parenthesis']) !== $nestingLevel)
            ) {
                continue;
            }


            // Checking this: $value = my_function(...[*]$arg...).

            $tokenBefore = $phpcsFile->findPrevious(
                PHP_CodeSniffer_Tokens::$emptyTokens,
                ($nextVariable - 1),
                $searchStartToken,
                true
            );

            if ($tokenBefore === false || $tokens[$tokenBefore]['code'] !== T_BITWISE_AND) {
                // Nothing before the token or no &.
                continue;
            }

            // Checking this: $value = my_function(...[*]&$arg...).

            $tokenBefore = $phpcsFile->findPrevious(
                PHP_CodeSniffer_Tokens::$emptyTokens,
                ($tokenBefore - 1),
                $searchStartToken,
                true
            );

            // We have to exclude all uses of T_BITWISE_AND that are not
            // references. We use a blacklist approach as we prefer false
            // positives to not identifying a pass-by-reference call at all.
            // The blacklist may not yet be complete.
            switch ($tokens[$tokenBefore]['code']) {
                // In these cases T_BITWISE_AND represents
                // the bitwise and operator.
                case T_LNUMBER:
                case T_VARIABLE:
                case T_CLOSE_SQUARE_BRACKET:
                case T_CLOSE_PARENTHESIS:
                    break;

                // Prevent false positive on assign by reference and compare with reference
                // with function call parameters.
                case T_EQUAL:
                case T_AND_EQUAL:
                case T_OR_EQUAL:
                case T_CONCAT_EQUAL:
                case T_DIV_EQUAL:
                case T_MINUS_EQUAL:
                case T_MOD_EQUAL:
                case T_MUL_EQUAL:
                case T_PLUS_EQUAL:
                case T_XOR_EQUAL:
                case T_SL_EQUAL:
                case T_SR_EQUAL:
                case T_IS_EQUAL:
                case T_IS_IDENTICAL:
                    break;

                // Unfortunately the tokenizer fails to recognize global constants,
                // class-constants and -attributes. Any of these are returned is
                // treated as T_STRING.
                // So we step back another token and check if it is a class
                // operator (-> or ::), which means we have a false positive.
                // Global constants still remain uncovered.
                case T_STRING:
                    $tokenBeforePlus = $phpcsFile->findPrevious(
                        PHP_CodeSniffer_Tokens::$emptyTokens,
                        ($tokenBefore - 1),
                        $searchStartToken,
                        true
                    );
                    if ($tokens[$tokenBeforePlus]['code'] === T_DOUBLE_COLON ||
                        $tokens[$tokenBeforePlus]['code'] === T_OBJECT_OPERATOR
                    ) {
                        break;
                    }
                    // If not a class constant: fall through.

                default:
                    // Deal with T_POW_EQUAL which doesn't exist in PHPCS 1.x
                    if (defined('T_POW_EQUAL') && $tokens[$tokenBefore]['type'] === 'T_POW_EQUAL') {
                        break;
                    }

                    // The found T_BITWISE_AND represents a pass-by-reference.
                    return true;
            }

        } while($nextVariable < $searchEndToken);

        // This code should never be reached, but here in case of weird bugs ;-)
        return false;
    }

}//end class


1		<?php
2		/**
3		* PHPCompatibility_Sniffs_PHP_ForbiddenCallTimePassByReference.
4		*
5		* PHP version 5.4
6		*
7		* @category PHP
8		* @package PHPCompatibility
9		* @author Gary Rogers <[email protected]>
10		* @author Florian Grandel <[email protected]>
11		* @copyright 2009 Florian Grandel
12		* @license https://github.com/squizlabs/PHP_CodeSniffer/blob/master/licence.txt BSD Licence
13		*/
14
15		/**
16		* PHPCompatibility_Sniffs_PHP_ForbiddenCallTimePassByReference.
17		*
18		* Discourages the use of call time pass by references
19		*
20		* PHP version 5.4
21		*
22		* @category PHP
23		* @package PHPCompatibility
24		* @author Gary Rogers <[email protected]>
25		* @author Florian Grandel <[email protected]>
26		* @copyright 2009 Florian Grandel
27		* @license https://github.com/squizlabs/PHP_CodeSniffer/blob/master/licence.txt BSD Licence
28		*/
29		class PHPCompatibility_Sniffs_PHP_ForbiddenCallTimePassByReferenceSniff extends PHPCompatibility_Sniff
		0 ignored issues – show Coding Style Compatibility introduced 2016-08-04 22:56 UTC by Report Bug Copy Issue Report PSR1 recommends that each class must be in a namespace of at least one level to avoid collisions. You can fix this by adding a namespace to your class: namespace YourVendor; class YourClass { } When choosing a vendor namespace, try to pick something that is not too generic to avoid conflicts with other libraries. Loading history...
30		{
31
32		/**
33		* Returns an array of tokens this test wants to listen for.
34		*
35		* @return array
36		*/
37		public function register()
38		{
39		return array(T_STRING);
40
41		}//end register()
42
43		/**
44		* Processes this test, when one of its tokens is encountered.
45		*
46		* @param PHP_CodeSniffer_File $phpcsFile The file being scanned.
47		* @param int $stackPtr The position of the current token
48		* in the stack passed in $tokens.
49		*
50		* @return void
51		*/
52		public function process(PHP_CodeSniffer_File $phpcsFile, $stackPtr)
53		{
54		if ($this->supportsAbove('5.3') === false) {
55		return;
56		}
57
58		$tokens = $phpcsFile->getTokens();
59
60		// Skip tokens that are the names of functions or classes
61		// within their definitions. For example: function myFunction...
62		// "myFunction" is T_STRING but we should skip because it is not a
63		// function or method call.
64		$findTokens = array_merge(
65		PHP_CodeSniffer_Tokens::$emptyTokens,
66		array(T_BITWISE_AND)
67		);
68
69		$prevNonEmpty = $phpcsFile->findPrevious(
70		$findTokens,
71		($stackPtr - 1),
72		null,
73		true
74		);
75
76		if ($prevNonEmpty !== false && in_array($tokens[$prevNonEmpty]['code'], array(T_FUNCTION, T_CLASS, T_INTERFACE, T_TRAIT), true)) {
77		return;
78		}
79
80		// If the next non-whitespace token after the function or method call
81		// is not an opening parenthesis then it can't really be a call.
82		$openBracket = $phpcsFile->findNext(
83		PHP_CodeSniffer_Tokens::$emptyTokens,
84		($stackPtr + 1),
85		null,
86		true
87		);
88
89		if ($openBracket === false \|\| $tokens[$openBracket]['code'] !== T_OPEN_PARENTHESIS
90		\|\| isset($tokens[$openBracket]['parenthesis_closer']) === false
91		) {
92		return;
93		}
94
95		// Get the function call parameters.
96		$parameters = $this->getFunctionCallParameters($phpcsFile, $stackPtr);
97		if (count($parameters) === 0) {
98		return;
99		}
100
101		// Which nesting level is the one we are interested in ?
102		$nestedParenthesisCount = 1;
103	View Code Duplication	if (isset($tokens[$openBracket]['nested_parenthesis'])) {
		1 ignored issue – show Duplication introduced 2016-08-22 21:49 UTC by Report Bug Copy Issue Report This code seems to be duplicated across your project. Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation. You can also find more detailed suggestions in the “Code” section of your repository. Loading history...
104		$nestedParenthesisCount = count($tokens[$openBracket]['nested_parenthesis']) + 1;
105		}
106
107		foreach ($parameters as $parameter) {
108		if ($this->isCallTimePassByReferenceParam($phpcsFile, $parameter, $nestedParenthesisCount) === true) {
109		// T_BITWISE_AND represents a pass-by-reference.
110		$error = 'Using a call-time pass-by-reference is deprecated since PHP 5.3';
111		$isError = false;
112		$errorCode = 'Deprecated';
113
114		if($this->supportsAbove('5.4')) {
115		$error .= ' and prohibited since PHP 5.4';
116		$isError = true;
117		$errorCode = 'NotAllowed';
118		}
119
120		$this->addMessage($phpcsFile, $error, $parameter['start'], $isError, $errorCode);
121		}
122		}
123		}//end process()
124
125
126		protected function isCallTimePassByReferenceParam(PHP_CodeSniffer_File $phpcsFile, $parameter, $nestingLevel)
127		{
128		$tokens = $phpcsFile->getTokens();
129
130		$searchStartToken = $parameter['start'] - 1;
131		$searchEndToken = $parameter['end'] + 1;
132		$nextVariable = $searchStartToken;
133		do {
134		$nextVariable = $phpcsFile->findNext(T_VARIABLE, ($nextVariable + 1), $searchEndToken);
135		if ($nextVariable === false) {
136		return false;
137		}
138
139		// Make sure the variable belongs directly to this function call
140		// and is not inside a nested function call or array.
141		if (isset($tokens[$nextVariable]['nested_parenthesis']) === false \|\|
142		(count($tokens[$nextVariable]['nested_parenthesis']) !== $nestingLevel)
143		) {
144		continue;
145		}
146
147
148		// Checking this: $value = my_function(...[*]$arg...).
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-08-04 22:56 UTC by Report Bug Copy Issue Report `43%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
149		$tokenBefore = $phpcsFile->findPrevious(
150		PHP_CodeSniffer_Tokens::$emptyTokens,
151		($nextVariable - 1),
152		$searchStartToken,
153		true
154		);
155
156		if ($tokenBefore === false \|\| $tokens[$tokenBefore]['code'] !== T_BITWISE_AND) {
157		// Nothing before the token or no &.
158		continue;
159		}
160
161		// Checking this: $value = my_function(...[*]&$arg...).
		0 ignored issues – show Unused Code Comprehensibility introduced 2016-08-04 22:56 UTC by Report Bug Copy Issue Report `45%` of this comment could be valid code. Did you maybe forget this after debugging? Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it. The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production. This check looks for comments that seem to be mostly valid code and reports them. Loading history...
162		$tokenBefore = $phpcsFile->findPrevious(
163		PHP_CodeSniffer_Tokens::$emptyTokens,
164		($tokenBefore - 1),
165		$searchStartToken,
166		true
167		);
168
169		// We have to exclude all uses of T_BITWISE_AND that are not
170		// references. We use a blacklist approach as we prefer false
171		// positives to not identifying a pass-by-reference call at all.
172		// The blacklist may not yet be complete.
173		switch ($tokens[$tokenBefore]['code']) {
174		// In these cases T_BITWISE_AND represents
175		// the bitwise and operator.
176		case T_LNUMBER:
177		case T_VARIABLE:
178		case T_CLOSE_SQUARE_BRACKET:
179		case T_CLOSE_PARENTHESIS:
180		break;
181
182		// Prevent false positive on assign by reference and compare with reference
183		// with function call parameters.
184		case T_EQUAL:
185		case T_AND_EQUAL:
186		case T_OR_EQUAL:
187		case T_CONCAT_EQUAL:
188		case T_DIV_EQUAL:
189		case T_MINUS_EQUAL:
190		case T_MOD_EQUAL:
191		case T_MUL_EQUAL:
192		case T_PLUS_EQUAL:
193		case T_XOR_EQUAL:
194		case T_SL_EQUAL:
195		case T_SR_EQUAL:
196		case T_IS_EQUAL:
197		case T_IS_IDENTICAL:
198		break;
199
200		// Unfortunately the tokenizer fails to recognize global constants,
201		// class-constants and -attributes. Any of these are returned is
202		// treated as T_STRING.
203		// So we step back another token and check if it is a class
204		// operator (-> or ::), which means we have a false positive.
205		// Global constants still remain uncovered.
206		case T_STRING:
207		$tokenBeforePlus = $phpcsFile->findPrevious(
208		PHP_CodeSniffer_Tokens::$emptyTokens,
209		($tokenBefore - 1),
210		$searchStartToken,
211		true
212		);
213		if ($tokens[$tokenBeforePlus]['code'] === T_DOUBLE_COLON \|\|
214		$tokens[$tokenBeforePlus]['code'] === T_OBJECT_OPERATOR
215		) {
216		break;
217		}
218		// If not a class constant: fall through.
219
220		default:
221		// Deal with T_POW_EQUAL which doesn't exist in PHPCS 1.x
222		if (defined('T_POW_EQUAL') && $tokens[$tokenBefore]['type'] === 'T_POW_EQUAL') {
223		break;
224		}
225
226		// The found T_BITWISE_AND represents a pass-by-reference.
227		return true;
228		}
229
230		} while($nextVariable < $searchEndToken);
231
232		// This code should never be reached, but here in case of weird bugs ;-)
233		return false;
234		}
235
236		}//end class
237

wimg / PHPCompatibility