isophonics-drupal-site: vendor/drupal/coder/coder_sniffer/DrupalPractice/Sniffs/FunctionCalls/VariableSetSanitizeSniff.php annotate

annotate vendor/drupal/coder/coder_sniffer/DrupalPractice/Sniffs/FunctionCalls/VariableSetSanitizeSniff.php @ 12:7a779792577d

Update Drupal core to v8.4.5 (via Composer)

author	Chris Cannam
date	Fri, 23 Feb 2018 15:52:07 +0000
parents	4c8ae668cc8c
children	129ea1e6d783

rev	line source
Chris@0	1 <?php
Chris@0	2 /**
Chris@0	3 * DrupalPractice_Sniffs_FunctionCalls_VariableSetSanitizeSniff
Chris@0	4 *
Chris@0	5 * @category PHP
Chris@0	6 * @package PHP_CodeSniffer
Chris@0	7 * @link http://pear.php.net/package/PHP_CodeSniffer
Chris@0	8 */
Chris@0	9
Chris@0	10 /**
Chris@0	11 * Check that variable_set() calls do not run check_plain() or other
Chris@0	12 * sanitization functions on the value.
Chris@0	13 *
Chris@0	14 * @category PHP
Chris@0	15 * @package PHP_CodeSniffer
Chris@0	16 * @link http://pear.php.net/package/PHP_CodeSniffer
Chris@0	17 */
Chris@0	18 class DrupalPractice_Sniffs_FunctionCalls_VariableSetSanitizeSniff extends Drupal_Sniffs_Semantics_FunctionCall
Chris@0	19 {
Chris@0	20
Chris@0	21
Chris@0	22 /**
Chris@0	23 * Returns an array of function names this test wants to listen for.
Chris@0	24 *
Chris@0	25 * @return array
Chris@0	26 */
Chris@0	27 public function registerFunctionNames()
Chris@0	28 {
Chris@0	29 return array('variable_set');
Chris@0	30
Chris@0	31 }//end registerFunctionNames()
Chris@0	32
Chris@0	33
Chris@0	34 /**
Chris@0	35 * Processes this function call.
Chris@0	36 *
Chris@0	37 * @param PHP_CodeSniffer_File $phpcsFile The file being scanned.
Chris@0	38 * @param int $stackPtr The position of the function call in
Chris@0	39 * the stack.
Chris@0	40 * @param int $openBracket The position of the opening
Chris@0	41 * parenthesis in the stack.
Chris@0	42 * @param int $closeBracket The position of the closing
Chris@0	43 * parenthesis in the stack.
Chris@0	44 *
Chris@0	45 * @return void
Chris@0	46 */
Chris@0	47 public function processFunctionCall(
Chris@0	48 PHP_CodeSniffer_File $phpcsFile,
Chris@0	49 $stackPtr,
Chris@0	50 $openBracket,
Chris@0	51 $closeBracket
Chris@0	52 ) {
Chris@0	53 $tokens = $phpcsFile->getTokens();
Chris@0	54
Chris@0	55 $argument = $this->getArgument(2);
Chris@0	56 if ($argument !== false && in_array(
Chris@0	57 $tokens[$argument['start']]['content'],
Chris@0	58 array(
Chris@0	59 'check_markup',
Chris@0	60 'check_plain',
Chris@0	61 'check_url',
Chris@0	62 'filter_xss',
Chris@0	63 'filter_xss_admin',
Chris@0	64 )
Chris@0	65 ) === true
Chris@0	66 ) {
Chris@0	67 $warning = 'Do not use the %s() sanitization function when writing values to the database, use it on output to HTML instead';
Chris@0	68 $data = array($tokens[$argument['start']]['content']);
Chris@0	69 $phpcsFile->addWarning($warning, $argument['start'], 'VariableSet', $data);
Chris@0	70 }
Chris@0	71
Chris@0	72 }//end processFunctionCall()
Chris@0	73
Chris@0	74
Chris@0	75 }//end class

Mercurial > hg > isophonics-drupal-site

annotate vendor/drupal/coder/coder_sniffer/DrupalPractice/Sniffs/FunctionCalls/VariableSetSanitizeSniff.php @ 12:7a779792577d