
Minor improvements to pass psecio-parse's scan #58

Open
@scottconnerly

Description


To run the report:

composer global require psecio/parse
~/.composer/vendor/bin/psecio-parse scan c3.php

And its results:

  1. /var/www/html/tests/c3.php on line 45
    'header()' calls should not use concatenation directly
header('X-Codeception-CodeCoverage-Error: ' . str_replace("\n", ' ', $message), true, 500);

For more information execute 'psecio-parse rules SetHeaderWithInput'

  1. /var/www/html/tests/c3.php on line 69
    Avoid using AND, OR and XOR (in favor of || and &&) as they may cause subtle precedence bugs
if (!class_exists('PHP_CodeCoverage') and class_exists('SebastianBergmann\CodeCoverage\CodeCoverage')) {

For more information execute 'psecio-parse rules LogicalOperators'

  1. /var/www/html/tests/c3.php on line 137
    The third parameter should be set (and be true) on in_array to avoid type switching issues
if (in_array('GZ', Phar::getSupportedCompression())) {

For more information execute 'psecio-parse rules TypeSafeInArray'

  1. /var/www/html/tests/c3.php on line 184
    The third parameter should be set (and be true) on in_array to avoid type switching issues
if (in_array('GZ', Phar::getSupportedCompression())) {

For more information execute 'psecio-parse rules TypeSafeInArray'

  1. /var/www/html/tests/c3.php on line 204
    The readfile/readlink/readgzfile functions output content directly (possible injection)
readfile($filename);

For more information execute 'psecio-parse rules Readfile'
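The three rule classes the scan reports above (loose `in_array`, `and` versus `&&` precedence, and header values built from input) are easiest to understand side by side. The following is an added example, not code from the c3 project or from this PR; the function names and the sample inputs are constructed for illustration.

```php
<?php
// Added example (not part of the c3 PR): each defect class that
// psecio-parse reported, shown in its loose form next to the fix.

/**
 * in_array() without the third argument uses loose (==) comparison, so a
 * needle of a different type can "match" a haystack entry. Returns both
 * results for the same input so the difference is visible side by side.
 */
function inArrayLooseVsStrict($needle, array $haystack): array
{
    return [
        'loose'  => in_array($needle, $haystack),
        'strict' => in_array($needle, $haystack, true),
    ];
}

/**
 * 'and' binds weaker than '=', so `$x = A and B` is parsed as `($x = A) and B`
 * and the right-hand operand never reaches $x. With '&&' the whole boolean
 * expression is evaluated first and the result is assigned.
 */
function logicalOperatorPrecedence(): array
{
    $withAnd = true and false;   // parsed as ($withAnd = true) and false
    $withAmp = true && false;    // parsed as $withAmp = (true && false)
    return ['and' => $withAnd, '&&' => $withAmp];
}

/**
 * A header value assembled from input must not contain CR, LF or NUL,
 * otherwise the value could end the header early. c3.php strips "\n";
 * this helper (hypothetical name) also removes "\r" and "\0" as defence
 * in depth before the value is concatenated into header().
 */
function safeHeaderValue(string $value): string
{
    return str_replace(["\r", "\n", "\0"], ' ', $value);
}

// Constructed inputs for a quick run: `php this_file.php`
$cases = [
    ['needle' => true,  'haystack' => ['GZ', 'BZ2']],  // bool vs non-empty string
    ['needle' => '1e1', 'haystack' => ['10']],         // two numeric strings
    ['needle' => 'GZ',  'haystack' => ['GZ', 'BZ2']],  // genuine match
];
foreach ($cases as $c) {
    $r = inArrayLooseVsStrict($c['needle'], $c['haystack']);
    printf("needle=%s loose=%s strict=%s\n",
        var_export($c['needle'], true),
        var_export($r['loose'], true),
        var_export($r['strict'], true));
}
var_dump(logicalOperatorPrecedence());

$message = "coverage failed\r\nX-Constructed: 1";   // constructed sample, not from c3
var_dump(safeHeaderValue($message));
// header('X-Codeception-CodeCoverage-Error: ' . safeHeaderValue($message), true, 500);
```

Running it shows the first two `in_array` cases matching only under loose comparison (`true` equals any non-empty string, and `'1e1'` and `'10'` compare as numbers), while only the literal `'GZ'` survives the strict check; the `and` variable ends up `true` even though the combined expression is false. For `Phar::getSupportedCompression()` the haystack is a list of strings and the needle is a string literal, so passing `true` as the third argument changes nothing in practice and simply closes the class of bug the rule guards against. Note that PHP itself refuses a `header()` call whose value contains a newline, so stripping CR/LF is a belt-and-braces measure rather than the only barrier.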
