1 <?php
2 /**
3 * \DrupalPractice\Sniffs\FunctionCalls\CheckPlainSniff
4 *
5 * @category PHP
6 * @package PHP_CodeSniffer
7 * @link http://pear.php.net/package/PHP_CodeSniffer
8 */
10 namespace DrupalPractice\Sniffs\FunctionCalls;
12 use PHP_CodeSniffer\Files\File;
13 use Drupal\Sniffs\Semantics\FunctionCall;
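/**
 * Check that check_plain() is not used on literal strings.
 *
 * A string literal is written by the developer, so it cannot carry user
 * provided text and escaping it is redundant. The sniff only reports that
 * redundant case; it does not decide whether any other argument is escaped
 * correctly.
 *
 * @category PHP
 * @package  PHP_CodeSniffer
 * @link     http://pear.php.net/package/PHP_CodeSniffer
 */
class CheckPlainSniff extends FunctionCall
{


    /**
     * Returns an array of function names this test wants to listen for.
     *
     * @return array The single function name 'check_plain'.
     */
    public function registerFunctionNames()
    {
        return array('check_plain');

    }//end registerFunctionNames()


    /**
     * Processes this function call.
     *
     * Adds the 'CheckPlainLiteral' warning when the first argument of
     * check_plain() consists of exactly one constant string token.
     *
     * @param \PHP_CodeSniffer\Files\File $phpcsFile    The file being scanned.
     * @param int                         $stackPtr     The position of the function call in
     *                                                  the stack.
     * @param int                         $openBracket  The position of the opening
     *                                                  parenthesis in the stack.
     * @param int                         $closeBracket The position of the closing
     *                                                  parenthesis in the stack.
     *
     * @return void
     */
    public function processFunctionCall(
        File $phpcsFile,
        $stackPtr,
        $openBracket,
        $closeBracket
    ) {
        $argument = $this->getArgument(1);

        // getArgument() is inherited from FunctionCall, which is not part of
        // this listing. Presumably it yields a non-array value when
        // check_plain() is called without arguments (confirm against the
        // parent class); indexing such a value below would raise PHP notices
        // in the middle of a scan, so stop here instead.
        if (is_array($argument) === false
            || isset($argument['start'], $argument['end']) === false
        ) {
            return;
        }

        $tokens = $phpcsFile->getTokens();
        $start  = $argument['start'];

        // Only a lone T_CONSTANT_ENCAPSED_STRING token counts as a literal.
        // Concatenations span several tokens and double-quoted strings with
        // interpolated variables use a different token code, so both are
        // left alone on purpose: they can carry untrusted text that still
        // needs escaping.
        if ($start !== $argument['end']) {
            return;
        }

        if (isset($tokens[$start]['code']) === false
            || $tokens[$start]['code'] !== T_CONSTANT_ENCAPSED_STRING
        ) {
            return;
        }

        $warning = 'Do not use check_plain() on string literals, because they cannot contain user provided text';
        $phpcsFile->addWarning($warning, $start, 'CheckPlainLiteral');

    }//end processFunctionCall()


}//end class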