function CurlSslVerifierSniff::processFunctionCall
Processes this function call.
Parameters
\PHP_CodeSniffer\Files\File $phpcsFile The file being scanned.:
int $stackPtr The position of the function call in: the stack.
int $openBracket The position of the opening: parenthesis in the stack.
int $closeBracket The position of the closing: parenthesis in the stack.
Return value
void
File
-
vendor/
drupal/ coder/ coder_sniffer/ DrupalPractice/ Sniffs/ FunctionCalls/ CurlSslVerifierSniff.php, line 52
Class
- CurlSslVerifierSniff
- Make sure that CURLOPT_SSL_VERIFYPEER is not disabled, since that is a security issue.
Namespace
DrupalPractice\Sniffs\FunctionCallsCode
public function processFunctionCall(File $phpcsFile, $stackPtr, $openBracket, $closeBracket) {
$tokens = $phpcsFile->getTokens();
$option = $this->getArgument(2);
if ($tokens[$option['start']]['content'] !== 'CURLOPT_SSL_VERIFYPEER') {
return;
}
$value = $this->getArgument(3);
if ($tokens[$value['start']]['content'] === 'FALSE' || $tokens[$value['start']]['content'] === '0') {
$warning = 'Potential security problem: SSL peer verification must not be disabled';
$phpcsFile->addWarning($warning, $value['start'], 'SslPeerVerificationDisabled');
}
}