* Ensures that eval() is not used to create objects.
* @package PHP_CodeSniffer_MySource
* @author Greg Sherwood <gsherwood@squiz.net>
* @copyright 2006 Squiz Pty Ltd (ABN 77 084 670 600)
* @license http://matrix.squiz.net/developer/tools/php_cs/licence BSD Licence
* @version CVS: $Id: EvalObjectFactorySniff.php,v 1.2 2007/07/23 01:47:52 squiz Exp $
* @link http://pear.php.net/package/PHP_CodeSniffer
* Ensures that eval() is not used to create objects.
* @package PHP_CodeSniffer_MySource
* @author Greg Sherwood <gsherwood@squiz.net>
* @copyright 2006 Squiz Pty Ltd (ABN 77 084 670 600)
* @license http://matrix.squiz.net/developer/tools/php_cs/licence BSD Licence
* @version Release: 1.1.0
* @link http://pear.php.net/package/PHP_CodeSniffer
class MySource_Sniffs_PHP_EvalObjectFactorySniff implements PHP_CodeSniffer_Sniff
* Returns an array of tokens this test wants to listen for.
public function register()
* Processes this sniff, when one of its tokens is encountered.
* @param PHP_CodeSniffer_File $phpcsFile The file being scanned.
* @param int $stackPtr The position of the current token in
* the stack passed in $tokens.
public function process(PHP_CodeSniffer_File $phpcsFile, $stackPtr)
$tokens = $phpcsFile->getTokens();
We need to find all strings that will be in the eval
to determine if the "new" keyword is being used.
$openBracket = $phpcsFile->findNext(T_OPEN_PARENTHESIS, ($stackPtr + 1));
$closeBracket = $tokens[$openBracket]['parenthesis_closer'];
for ($i = ($openBracket + 1); $i < $closeBracket; $i++) {
if (in_array($tokens[$i]['code'], PHP_CodeSniffer_Tokens::$stringTokens) === true) {
$strings[$i] = $tokens[$i]['content'];
} else if ($tokens[$i]['code'] === T_VARIABLE) {
$vars[$i] = $tokens[$i]['content'];
We now have some variables that we need to expand into
the strings that were assigned to them, if any.
foreach ($vars as $varPtr => $varName) {
while (($prev = $phpcsFile->findPrevious(T_VARIABLE, ($varPtr - 1))) !== false) {
// Make sure this is an assignment of the variable. That means
// it will be the first thing on the line.
$prevContent = $phpcsFile->findPrevious(T_WHITESPACE, ($prev - 1), null, true);
if ($tokens[$prevContent]['line'] === $tokens[$prev]['line']) {
$varPtr = $prevContent;
if ($tokens[$prev]['content'] !== $varName) {
// This variable has a different name.
$varPtr = $prevContent;
if ($prev !== false) {
// Find all strings on the line.
$lineEnd = $phpcsFile->findNext(T_SEMICOLON, ($prev + 1));
for ($i = ($prev + 1); $i < $lineEnd; $i++) {
if (in_array($tokens[$i]['code'], PHP_CodeSniffer_Tokens::$stringTokens) === true) {
$strings[$i] = $tokens[$i]['content'];
foreach ($strings as $string) {
// If the string has " new " in it (the keyword with a space on each side), it is not allowed.
// We don't bother checking if the word "new" is echo'd
// because that is unlikely to happen. We assume the use
// of "new" is for object instantiation.
if (strstr($string, ' new ') !== false) {
$error = 'Do not use eval() to create objects dynamically; use reflection instead';
$phpcsFile->addWarning($error, $stackPtr);