Mercurial > hg > isophonics-drupal-site

annotate vendor/drupal/coder/coder_sniffer/DrupalPractice/Sniffs/FunctionCalls/CurlSslVerifierSniff.php @ 12:7a779792577d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update Drupal core to v8.4.5 (via Composer)
author Chris Cannam
date Fri, 23 Feb 2018 15:52:07 +0000
parents 4c8ae668cc8c
children 129ea1e6d783
rev   line source
Chris@0 1 <?php
Chris@0 2 /**
Chris@0 3 * Drupal_Sniffs_FunctionCalls_CurlSslVerifierSniff
Chris@0 4 *
Chris@0 5 * @category PHP
Chris@0 6 * @package PHP_CodeSniffer
Chris@0 7 * @link http://pear.php.net/package/PHP_CodeSniffer
Chris@0 8 */
Chris@0 9
Chris@0 10 /**
Chris@0 11 * Make sure that CURLOPT_SSL_VERIFYPEER is not disabled, since that is a
Chris@0 12 * security issue.
Chris@0 13 *
Chris@0 14 * @category PHP
Chris@0 15 * @package PHP_CodeSniffer
Chris@0 16 * @link http://pear.php.net/package/PHP_CodeSniffer
Chris@0 17 */
Chris@0 18 class DrupalPractice_Sniffs_FunctionCalls_CurlSslVerifierSniff extends Drupal_Sniffs_Semantics_FunctionCall
Chris@0 19 {
Chris@0 20
Chris@0 21
Chris@0 22 /**
Chris@0 23 * Returns an array of function names this test wants to listen for.
Chris@0 24 *
Chris@0 25 * @return array
Chris@0 26 */
Chris@0 27 public function registerFunctionNames()
Chris@0 28 {
Chris@0 29 return array('curl_setopt');
Chris@0 30
Chris@0 31 }//end registerFunctionNames()
Chris@0 32
Chris@0 33
Chris@0 34 /**
Chris@0 35 * Processes this function call.
Chris@0 36 *
Chris@0 37 * @param PHP_CodeSniffer_File $phpcsFile The file being scanned.
Chris@0 38 * @param int $stackPtr The position of the function call in
Chris@0 39 * the stack.
Chris@0 40 * @param int $openBracket The position of the opening
Chris@0 41 * parenthesis in the stack.
Chris@0 42 * @param int $closeBracket The position of the closing
Chris@0 43 * parenthesis in the stack.
Chris@0 44 *
Chris@0 45 * @return void
Chris@0 46 */
Chris@0 47 public function processFunctionCall(
Chris@0 48 PHP_CodeSniffer_File $phpcsFile,
Chris@0 49 $stackPtr,
Chris@0 50 $openBracket,
Chris@0 51 $closeBracket
Chris@0 52 ) {
Chris@0 53 $tokens = $phpcsFile->getTokens();
Chris@0 54 $option = $this->getArgument(2);
Chris@0 55 if ($tokens[$option['start']]['content'] !== 'CURLOPT_SSL_VERIFYPEER') {
Chris@0 56 return;
Chris@0 57 }
Chris@0 58
Chris@0 59 $value = $this->getArgument(3);
Chris@0 60 if ($tokens[$value['start']]['content'] === 'FALSE' || $tokens[$value['start']]['content'] === '0') {
Chris@0 61 $warning = 'Potential security problem: SSL peer verification must not be disabled';
Chris@0 62 $phpcsFile->addWarning($warning, $value['start'], 'SslPeerVerificationDisabled');
Chris@0 63 }
Chris@0 64
Chris@0 65 }//end processFunctionCall()
Chris@0 66
Chris@0 67
Chris@0 68 }//end class