public function analyze()
{
$functions = array('fopen', 'file', 'file_get_contents', 'file_put_contents', 'unlink', 'opendir', 'rmdir', 'mkdir');
//'glob', is a special case, with wild chars
$regexPhpProtocol = '^php://(input|output|fd|memory|filter|stdin|stdout|stderr)';
$regexAllowedProtocol = '^(https|http|php|ssh2|ftp):\\\\/\\\\/';
// string literal fopen('a', 'r');
// may need some regex to exclude protocol...
$this->atomFunctionIs($functions)->outIs('ARGUMENTS')->outWithRank('ARGUMENT', 0)->atomIs('String')->tokenIs('T_CONSTANT_ENCAPSED_STRING')->regexIsNot('noDelimiter', $regexPhpProtocol)->regexIsNot('noDelimiter', $regexAllowedProtocol)->back('first');
$this->prepareQuery();
$this->atomFunctionIs('\\glob')->outIs('ARGUMENTS')->outWithRank('ARGUMENT', 0)->atomIs('String')->tokenIs('T_CONSTANT_ENCAPSED_STRING')->regexIsNot('noDelimiter', $regexPhpProtocol)->regexIsNot('noDelimiter', $regexAllowedProtocol)->regexIsNot('noDelimiter', '[\\\\?\\\\*]')->back('first');
$this->prepareQuery();
// string literal fopen("a$b", 'r');
// may need some regex to exclude http...
$this->atomFunctionIs($functions)->outIs('ARGUMENTS')->outWithRank('ARGUMENT', 0)->atomIs('String')->is('constant', true)->tokenIs('T_QUOTE')->outWithRank('CONCAT', 0)->tokenIs('T_ENCAPSED_AND_WHITESPACE')->regexIsNot('noDelimiter', $regexPhpProtocol)->regexIsNot('noDelimiter', $regexAllowedProtocol)->back('first');
$this->prepareQuery();
// string literal fopen('a'.$b, 'r');
// may need some regex to exclude http...
$this->atomFunctionIs($functions)->outIs('ARGUMENTS')->outWithRank('ARGUMENT', 0)->atomIs('Concatenation')->is('constant', true)->outWithRank('CONCAT', 0)->tokenIs('T_CONSTANT_ENCAPSED_STRING')->regexIsNot('noDelimiter', $regexPhpProtocol)->regexIsNot('noDelimiter', $regexAllowedProtocol)->back('first');
$this->prepareQuery();
}