Annex

• Credits
• Contribute
• External links

Credits

The following people helped in the making of Exakat : installing, coding, suggesting, using, documenting, reporting bugs, pushing us to be better.

• 陈曦 (Buck / Leon)
• 鄭蔚 (Jent / Jean)
• Gérard Ernaelsten
• Philippe Gamache
• Cyrille Granval
• Eshin Kunishima
• Alexis Van Glasow

Contribute

Exakat is an Open Source project. It is also organized to collect common knowledge and encode it in its databases.

Here are some suggestions of help you may provide to enhance your own usage of Exakat :

• Suggest PHP extensions that are missing in the list of supported extensions (see Annex)
• Suggest new analysis, with examples of target code, and examples of good code
• Suggest missing external services
• Suggest reference article for the documentation, in the section ‘See also’
• Suggestion application that may be added to the corpus of codes that we use to validate the analysis
• Provide new names and adjectives for the audit names. We like to include any first name of community members, and non-derogatory adjectives.
• Report installation or usage problems
• Report ambiguity in reports and their documentation
• Suggest interesting Coding reference, like Object Calisthenics, PSR, East-Oriented Programming, etc.
• Translate the documentation into other languages
• Suport Exakat on Windows or other OS
• Recommend article for code conception to be added in the docs
• Suggest public code source for review

Visit us on the [github repository](https://github.com/exakat/php-static-analysis-tools), or the [slack channel](https://www.exakat.io/slack-invitation/).

External links

List of external links mentioned in this documentation.

• $GLOBALS
• $HTTP_RAW_POST_DATA variable
• 7z
• ::class
• @deprecated
• [HttpFoundation] Make sessions secure and lazy #24523
• Add Exakat To Your CI Pipeline
• Ambassador
• Anonymous functions
• Aronduby Dump
• array_fill_keys
• array_filter
• array_unique
• Arrays syntax
• Atif Shahab Qureshi
• Autoloading Classe
• Backward incompatible changes
• Backward incompatible changes PHP 7.0
• bazaar
• Benoit Burnichon
• Bitwise Operators
• Brandon Savage
• Carbon
• Carnage
• cat: write error: Broken pipe
• Change the precedence of the concatenation operator
• Changes to variable handling
• Class Abstraction
• Class Constant
• Classes Abstraction
• Closure class
• Cmark
• COM and .Net (Windows)
• compact
• Comparison Operators
• composer
• Constant Scalar Expressions
• continue-on-error
• count
• Courier Anti-pattern
• curl
• curl_version
• CVS
• Cyrus
• Data structures
• DCDFLIB
• define
• Dependency Injection Smells
• Deprecate and remove INTL_IDNA_VARIANT_2003
• Deprecated features in PHP 5.4.x
• Deprecated features in PHP 7.2.x
• Deprecations for PHP 7.2
• DIO
• Dir predefined constants
• directive error_reporting
• dl
• Docker
• Docker image
• dotdeb instruction
• download
• Eaccelerator
• elseif/else if
• empty
• Empty Catch Clause
• Enchant spelling library
• Ereg
• Escape sequences
• Ev
• Exakat
• Exakat Cloud
• Exakat SAS
• exakat/exakat
• expect
• ext-http
• ext/hash extension
• ext/hrtime manual
• ext/leveldb on Github
• ext/recode
• ext/SeasLog on Github
• ext/sqlite
• Factory (object-oriented programming)
• FAM
• FastCGI Process Manager
• filesystem
• Final Keyword
• Firebase / Interbase
• Floating point numbers
• foreach
• Frederic Bouchery
• George Peter Banyard
• Git
• Github Action
• Github upload
• Github.com/exakat/exakat
• global namespace
• graphviz
• Gremlin server
• hash
• hash_algos
• hash_file
• Holger Woltersdorf
• How to fix Headers already sent error in PHP
• htmlentities
• https://hub.docker.com/r/exakat/exakat-ga
• https://www.exakat.io/
• https://www.exakat.io/versions/index.php?file=latest
• IBM Db2
• ICU
• Ideal regex delimiters in PHP
• IERS
• IIS Administration
• IMAP
• include_once
• Installing Exakat to monitor several projects
• Integers
• Interfaces
• Internal Constructor Behavior
• Is it a bad practice to have multiple classes in the same file?
• Isset Ternary
• Jordi Boggiano
• Judy C library
• Lapack
• libeio
• libevent
• libmongoc
• libuuid
• list
• List of Keywords
• List of other reserved words
• list() Reference Assignment
• Logical Operators
• Loosening Reserved Word Restrictions
• Magic Constants
• Magic Method
• Magic Methods
• Magic methods
• mail
• Mail related functions
• Marco Pivetta tweet
• Mathematical Functions
• mcrypt_create_iv()
• MD5
• Memcache on PHP
• mercurial
• mhash
• Microsoft SQL Server
• Microsoft SQL Server Driver
• Migration80
• Ming (flash)
• MongoDB driver
• mysqli
• Ncurses Terminal Screen Control
• Nested Ternaries are Great
• Net SNMP
• New custom object serialization mechanism
• Newt
• No Dangling Reference
• Object Calisthenics, rule # 5
• Object Inheritance
• Objects and references
• OPcache functions
• opencensus
• openssl_random_pseudo_byte
• Operators Precedence
• Optimize array_unique()
• Option to make json_encode and json_decode throw exceptions on errors
• Oracle OCI8
• original idea
• Original MySQL API
• Output Buffering Control
• Overload
• Packagist
• parent
• Parsekit
• Parsing and Lexing
• Password hashing
• Password Hashing
• PCRE
• PEAR
• pecl crypto
• pg_last_error
• PHP 7.3 Removed Functions
• PHP 7.3 UPGRADE NOTES
• PHP 7.4 Removed Functions
• PHP
• PHP for loops and counting arrays
• PHP gmagick
• PHP RFC: Deprecations for PHP 7.2 : Each()
• PHP RFC: Deprecations for PHP 8.1
• PHP Tags
• php-ext-wasm
• php-vips-ext
• PHP: When is /tmp not /tmp?
• phpsdl
• plantuml
• PMB
• Prepare for PHP migration with Exakat
• printf
• proctitle
• Properties
• PSR-11 : Dependency injection container
• PSR-13 : Link definition interface
• PSR-16 : Common Interface for Caching Libraries
• PSR-3 : Logger Interface
• PSR-3
• PSR-6 : Caching
• RabbitMQ AMQP client library
• rar
• Rar archiving
• Refactoring code
• Reflection export() methods
• RFC 7159
• RFC 7230
• RFC 822 (MIME)
• RFC 959
• RFC: Return Type Declarations
• Salted Password Hashing - Doing it Right
• Scope Resolution Operator (::)
• Semaphore, Shared Memory and IPC
• Sessions
• Set-Cookie
• setlocale
• shell_exec
• Specification pattern
• Sphinx Client
• sqlite3
• Static Keyword
• String access and modification by character
• String functions
• strip_tags
• strtr
• Subpatterns
• Suhosin.org
• Supported Protocols and Wrappers
• Svn
• Swoole
• tetraweb/php
• Text
• The main PPA for PHP (8.0, 7.4, 7.3, 7.2, 7.1, 7.0, 5.6)
• tokenizer
• tokyo_tyrant
• trigger_error
• Tutorial 1: Let’s learn by example
• Type Casting
• Type declarations
• Type declarations
• Type Juggling
• Type Operators
• Understanding Dependency Injection
• unset
• upload artifact
• Use of Hardcoded IPv4 Addresses
• V8 Javascript Engine
• Vagrant file
• Variable functions
• Variable scope
• Variable Scope
• Visibility
• Vladimir Reznichenko
• Void functions
• Weak references
• Why is subclassing too much bad (and hence why should we use prototypes to do away with it)?
• wikidiff2
• Wincache extension for PHP
• workflow_dispatch
• www.exakat.io
• YAML Ain’t Markup Language
• Yoda Conditions
• Zend Monitor - PHP API
• ZeroMQ
• zip

Training Database

A number of applications are regularly scanned in order to find real life examples of patterns. They are listed here :

• ChurchCRM
• Cleverstyle
• Contao
• Dolibarr
• Dolphin
• Edusoho
• ExpressionEngine
• FuelCMS
• HuMo-Gen
• LiveZilla
• Magento
• Mautic
• MediaWiki
• NextCloud
• OpenConf
• OpenEMR
• Phinx
• PhpIPAM
• Phpdocumentor
• Piwigo
• PrestaShop
• SPIP
• SugarCrm
• SuiteCrm
• TeamPass
• Thelia
• ThinkPHP
• Tikiwiki
• Tine20
• Traq
• Typo3
• Vanilla
• Woocommerce
• WordPress
• XOOPS
• Zencart
• Zend-Config
• Zurmo
• opencfp
• phpMyAdmin
• phpadsnew
• shopware
• xataface