PHP_CodeSniffer_File::addWarning PHP Method

PHP_CodeSniffer_File Class Documentation Usage Examples Of PHP_CodeSniffer_File::addWarning Show file Open project: squizlabs/php_codesniffer

addWarning() public method

Records a warning against a specific token in the file.

public addWarning ( string $warning, integer $stackPtr, string $code = '', array $data = [], integer $severity, boolean $fixable = false ) : boolean
$warning	string	The error message.
$stackPtr	integer	The stack position where the error occurred.
$code	string	A violation code unique to the sniff message.
$data	array	Replacements for the warning message.
$severity	integer	The severity level for this warning. A value of 0 will be converted into the default severity level.
$fixable	boolean	Can the warning be fixed by the sniff?
return	boolean

    public function addWarning($warning, $stackPtr, $code = '', $data = array(), $severity = 0, $fixable = false)
    {
        if ($stackPtr === null) {
            $line = 1;
            $column = 1;
        } else {
            $line = $this->_tokens[$stackPtr]['line'];
            $column = $this->_tokens[$stackPtr]['column'];
        }
        return $this->_addWarning($warning, $line, $column, $code, $data, $severity, $fixable);
    }

Usage Example

Example #1

Show file

File: XSSHTMLConstructSniff.php Project: valugi/phpcs-security-audit

 /**
  * Processes the tokens that this sniff is interested in.
  *
  * @param PHP_CodeSniffer_File $phpcsFile The file where the token was found.
  * @param int                  $stackPtr  The position in the stack where
  *                                        the token was found.
  *
  * @return void
  */
 public function process(PHP_CodeSniffer_File $phpcsFile, $stackPtr)
 {
     $utils = Security_Sniffs_UtilsFactory::getInstance();
     $tokens = $phpcsFile->getTokens();
     if (preg_match('/<|>/', $tokens[$stackPtr]['content'])) {
         $end = $phpcsFile->findNext(T_SEMICOLON, $stackPtr + 1);
         $next = $stackPtr;
         while ($next && ($next = $phpcsFile->findNext(array_merge(array(T_STRING_CONCAT), PHP_CodeSniffer_Tokens::$emptyTokens), $next + 1, $end, true))) {
             // Next token will be checked with this sniff, no need to go further
             if (in_array($tokens[$next]['code'], $this->register())) {
                 return;
             }
             if ($next && !in_array($tokens[$next]['content'], $utils::getXSSMitigationFunctions())) {
                 if ($utils::is_direct_user_input($tokens[$next]['content'])) {
                     $phpcsFile->addError('HTML construction with direct user input ' . $tokens[$next]['content'] . ' detected.', $stackPtr, 'D7XSSHTMLConstructErr');
                 } elseif (PHP_CodeSniffer::getConfigData('ParanoiaMode') && !in_array($tokens[$next]['code'], array_merge(array(T_INLINE_ELSE, T_COMMA), PHP_CodeSniffer_Tokens::$booleanOperators))) {
                     if ($tokens[$next]['code'] == T_CLOSE_PARENTHESIS) {
                         $f = $phpcsFile->findPrevious(T_STRING, $next);
                         if ($f) {
                             $phpcsFile->addWarning('HTML construction with ' . $tokens[$f]['content'] . '() detected.', $stackPtr, 'D7XSSHTMLConstructWarnF');
                         }
                     } else {
                         $phpcsFile->addWarning('HTML construction with ' . $tokens[$next]['content'] . ' detected.', $stackPtr, 'D7XSSHTMLConstructWarn');
                     }
                 }
             }
             $next = $phpcsFile->findNext(T_STRING_CONCAT, $next + 1, $end);
         }
     }
 }

All Usage Examples Of PHP_CodeSniffer_File::addWarning

PHP_CodeSniffer_File

__construct

_addError

_addWarning

_createLevelMap

_createParenthesisNestingMap

_createPositionMap

_createScopeMap

_createTokenMap

_parse

_recurseScopeMap