Lethexie has uploaded a new change for review. https://gerrit.wikimedia.org/r/296395
Change subject: Add usage to forbid superglobals like $__GET,$__POST ...................................................................... Add usage to forbid superglobals like $__GET,$__POST The conventions mentioned that do not access superglobals in https://www.mediawiki.org/wiki/Manual:Coding_conventions/PHP#Global objects Change-Id: I587e15227250f4215a8d7cc4376096f5343b11e0 --- A MediaWiki/Sniffs/Usage/SuperGlobalsUsageSniff.php A MediaWiki/Tests/files/Usage/super_globals_usage.php A MediaWiki/Tests/files/Usage/super_globals_usage.php.expect 3 files changed, 72 insertions(+), 0 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/tools/codesniffer refs/changes/95/296395/1
diff --git a/MediaWiki/Sniffs/Usage/SuperGlobalsUsageSniff.php b/MediaWiki/Sniffs/Usage/SuperGlobalsUsageSniff.php
new file mode 100644
index 0000000..4d3cf29
--- /dev/null
+++ b/MediaWiki/Sniffs/Usage/SuperGlobalsUsageSniff.php
@@ -0,0 +1,42 @@
+<?php
+
+/**
+ * Do not access php superglobals like $__GET,$__POST,$__SERVER
+ *
+ * Fail: $__GET['id']
+ * Fail: $__POST['user']
+ * Fail: $__SERVER['ip']
+ */
+
+// @codingStandardsIgnoreStart
+class MediaWiki_Sniffs_Usage_SuperGlobalsUsageSniff implements PHP_CodeSniffer_Sniff {
+ // @codingStandardsIgnoreEnd
+
+ /** The list of forbidden superglobals */
+ public static $forbiddenList = [
+ '$__SERVER' => true,
+ '$__POST' => true,
+ '$__GET' => true
+ ];
+ /**
+ * @return array
+ */
+ public function register() {
+ // As per https://www.mediawiki.org/wiki/Manual:Coding_conventions/PHP#Global_objects
+ return [ T_VARIABLE ];
+ }
+
+ /**
+ * @param PHP_CodeSniffer_File $phpcsFile The PHP_CodeSniffer_File object.
+ * @param int $stackPtr The current token index.
+ * @return void
+ */
+ public function process( PHP_CodeSniffer_File $phpcsFile, $stackPtr ) {
+ $tokens = $phpcsFile->getTokens();
+ $currentToken = $tokens[$stackPtr];
+ if ( isset( self::$forbiddenList[$currentToken['content']] ) === true ) {
+ $error = '"%s" superglobals do not be accessed.';
+ $phpcsFile->addError( $error, $stackPtr, 'SuperGlobals', $currentToken['content'] );
+ }
+ }
+}
diff --git a/MediaWiki/Tests/files/Usage/super_globals_usage.php b/MediaWiki/Tests/files/Usage/super_globals_usage.php
new file mode 100644
index 0000000..68e5e09
--- /dev/null
+++ b/MediaWiki/Tests/files/Usage/super_globals_usage.php
@@ -0,0 +1,18 @@
+<?php
+
+/**
+ * Failed examples.
+ * @return void
+ */
+function wfFailedExamples() {
+ $user = $__GET['id'];
+ $id = $__POST['id'];
+ $ser = $__SERVER['SERVER_NAME'];
+}
+
+/**
+ * Passed examples.
+ * @return void
+ */
+function wfPassedExamples() {
+}
diff --git a/MediaWiki/Tests/files/Usage/super_globals_usage.php.expect b/MediaWiki/Tests/files/Usage/super_globals_usage.php.expect
new file mode 100644
index 0000000..e537a95
--- /dev/null
+++ b/MediaWiki/Tests/files/Usage/super_globals_usage.php.expect
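Review bot: The keys in `$forbiddenList` are spelled with two underscores (`'$__SERVER'`, `'$__POST'`, `'$__GET'`), but PHP's superglobals have one, so the `isset()` lookup in `process()` never matches a real `$_GET`/`$_POST`/`$_SERVER` token and the sniff reports nothing on code that reads request data directly. The entries should be `'$_SERVER' => true,`, `'$_POST' => true,` and `'$_GET' => true`. The fixture `super_globals_usage.php` and its `.expect` file in the following hunks use the same double-underscore spelling, so the test passes without ever exercising an actual superglobal; they need the same correction. It is also worth confirming against the linked convention whether `$_REQUEST`, `$_COOKIE` and `$_FILES` belong in the list, since they carry the same client-controlled input. The message would read better as `'"%s" superglobals must not be accessed.'`.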
@@ -0,0 +1,12 @@
+
+FILE: ...-codesniffer/MediaWiki/Tests/files/Usage/super_globals_usage.php
+----------------------------------------------------------------------
+FOUND 3 ERRORS AFFECTING 3 LINES
+----------------------------------------------------------------------
+ 8 | ERROR | "$__GET" superglobals do not be accessed.
+ 9 | ERROR | "$__POST" superglobals do not be accessed.
+ 10 | ERROR | "$__SERVER" superglobals do not be accessed.
+----------------------------------------------------------------------
+
+Time: 26ms; Memory: 3.5Mb
+
-- To view, visit https://gerrit.wikimedia.org/r/296395 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I587e15227250f4215a8d7cc4376096f5343b11e0 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/tools/codesniffer Gerrit-Branch: master Gerrit-Owner: Lethexie <[email protected]> _______________________________________________ MediaWiki-commits mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
