class CurlSslVerifierSniff
Make sure that CURLOPT_SSL_VERIFYPEER is not disabled, since that is a security issue.
@category PHP @package PHP_CodeSniffer @link http://pear.php.net/package/PHP_CodeSniffer
Hierarchy
- class \Drupal\Sniffs\Semantics\FunctionCall implements \PHP_CodeSniffer\Sniffs\Sniff
- class \DrupalPractice\Sniffs\FunctionCalls\CurlSslVerifierSniff extends \Drupal\Sniffs\Semantics\FunctionCall
Expanded class hierarchy of CurlSslVerifierSniff
File
-
vendor/
drupal/ coder/ coder_sniffer/ DrupalPractice/ Sniffs/ FunctionCalls/ CurlSslVerifierSniff.php, line 23
Namespace
DrupalPractice\Sniffs\FunctionCallsView source
class CurlSslVerifierSniff extends FunctionCall {
/**
* Returns an array of function names this test wants to listen for.
*
* @return array<string>
*/
public function registerFunctionNames() {
return [
'curl_setopt',
];
}
//end registerFunctionNames()
/**
* Processes this function call.
*
* @param \PHP_CodeSniffer\Files\File $phpcsFile The file being scanned.
* @param int $stackPtr The position of the function call in
* the stack.
* @param int $openBracket The position of the opening
* parenthesis in the stack.
* @param int $closeBracket The position of the closing
* parenthesis in the stack.
*
* @return void
*/
public function processFunctionCall(File $phpcsFile, $stackPtr, $openBracket, $closeBracket) {
$tokens = $phpcsFile->getTokens();
$option = $this->getArgument(2);
if ($tokens[$option['start']]['content'] !== 'CURLOPT_SSL_VERIFYPEER') {
return;
}
$value = $this->getArgument(3);
if ($tokens[$value['start']]['content'] === 'FALSE' || $tokens[$value['start']]['content'] === '0') {
$warning = 'Potential security problem: SSL peer verification must not be disabled';
$phpcsFile->addWarning($warning, $value['start'], 'SslPeerVerificationDisabled');
}
}
//end processFunctionCall()
}Members
| Title Sort descending | Modifiers | Object type | Summary | Overriden Title | Overrides |
|---|---|---|---|---|---|
| CurlSslVerifierSniff::processFunctionCall | public | function | Processes this function call. | ||
| CurlSslVerifierSniff::registerFunctionNames | public | function | Returns an array of function names this test wants to listen for. | ||
| FunctionCall::$arguments | protected | property | Internal cache to save the calculated arguments of the function call. | ||
| FunctionCall::$closeBracket | protected | property | The token position of the closing bracket of the function call. | ||
| FunctionCall::$functionCall | protected | property | The token position of the function call. | ||
| FunctionCall::$includeMethodCalls | protected | property | Whether method invocations with the same function name should be processed, too. |
1 | |
| FunctionCall::$openBracket | protected | property | The token position of the opening bracket of the function call. | ||
| FunctionCall::$phpcsFile | protected | property | The currently processed file. | ||
| FunctionCall::getArgument | public | function | Returns start and end token for a given argument number. | ||
| FunctionCall::isFunctionCall | protected | function | Checks if this is a function call. | ||
| FunctionCall::process | public | function | Processes this test, when one of its tokens is encountered. | Overrides Sniff::process | 2 |
| FunctionCall::register | public | function | Returns an array of tokens this test wants to listen for. | Overrides Sniff::register |