1.2.129. Check On __Call Usage

When using the magic methods __call() and __staticcall(), make sure the method exists before calling it.

If the method doesn’t exists, then the same method will be called again, leading to the same failure. Finally, it will crash PHP.

<?php

class safeCall {
    function __class($name, $args) {
        // unsafe call, no checks
        if (method_exists($this, $name)) {
            $this->$name(...$args);
        }
    }
}

class unsafeCall {
    function __class($name, $args) {
        // unsafe call, no checks
        $this->$name(...$args);
    }
}

?>

See also Method overloading and Magical PHP: __call.

1.2.129.1. Suggestions

• Add a call to method_exists() before using any method name

• Relay the call to another object that doesn’t handle __call() or __callStatic()

1.2.129.2. Specs

Short name	Classes/CheckOnCallUsage
Rulesets	All, Analyze, CE, CI-checks
Exakat since	1.7.2
PHP Version	All
Severity	Minor
Time To Fix	Quick (30 mins)
Precision	Very high
Features	magic-method
Available in	Entreprise Edition, Community Edition, Exakat Cloud