You are here

CurlSslVerifierSniff.php in Coder 8.3

File

coder_sniffer/DrupalPractice/Sniffs/FunctionCalls/CurlSslVerifierSniff.php
View source
<?php

/**
 * \DrupalPractice\Sniffs\FunctionCalls\CurlSslVerifierSniff
 *
 * @category PHP
 * @package  PHP_CodeSniffer
 * @link     http://pear.php.net/package/PHP_CodeSniffer
 */
namespace DrupalPractice\Sniffs\FunctionCalls;

use PHP_CodeSniffer\Files\File;
use Drupal\Sniffs\Semantics\FunctionCall;

/**
 * Make sure that CURLOPT_SSL_VERIFYPEER is not disabled, since that is a
 * security issue.
 *
 * @category PHP
 * @package  PHP_CodeSniffer
 * @link     http://pear.php.net/package/PHP_CodeSniffer
 */
class CurlSslVerifierSniff extends FunctionCall {

  /**
   * Returns an array of function names this test wants to listen for.
   *
   * @return array<string>
   */
  public function registerFunctionNames() {
    return [
      'curl_setopt',
    ];
  }

  //end registerFunctionNames()

  /**
   * Processes this function call.
   *
   * @param \PHP_CodeSniffer\Files\File $phpcsFile    The file being scanned.
   * @param int                         $stackPtr     The position of the function call in
   *                                                  the stack.
   * @param int                         $openBracket  The position of the opening
   *                                                  parenthesis in the stack.
   * @param int                         $closeBracket The position of the closing
   *                                                  parenthesis in the stack.
   *
   * @return void
   */
  public function processFunctionCall(File $phpcsFile, $stackPtr, $openBracket, $closeBracket) {
    $tokens = $phpcsFile
      ->getTokens();
    $option = $this
      ->getArgument(2);
    if ($tokens[$option['start']]['content'] !== 'CURLOPT_SSL_VERIFYPEER') {
      return;
    }
    $value = $this
      ->getArgument(3);
    if ($tokens[$value['start']]['content'] === 'FALSE' || $tokens[$value['start']]['content'] === '0') {
      $warning = 'Potential security problem: SSL peer verification must not be disabled';
      $phpcsFile
        ->addWarning($warning, $value['start'], 'SslPeerVerificationDisabled');
    }
  }

}

//end class

Classes

Namesort descending Description
CurlSslVerifierSniff Make sure that CURLOPT_SSL_VERIFYPEER is not disabled, since that is a security issue.