2. Rulesets¶
2.1. Introduction¶
Exakat provides unique 1584 rules to detect BUGS, CODE SMELLS, SECURITY OR QUALITY ISSUES in your PHP code.
For more smoothly usage, the ruleset concept allow you to run a set of rules based on a decidated focus. Beawre that a Ruleset run all the associated rules and any needed dependencies.
Rulesets are configured with the -T option, when running exakat in command line. For example :
php exakat.phar analyze -p <project> -T <Security>
2.2. Summary¶
Here is the list of the current rulesets supported by Exakat Engine.
Name | Description |
All | All is a dummy ruleset, which includes all the rules. |
Analyze | Check for common best practices. |
Appinfo | Appinfo is the equivalent of phpinfo() for your code. |
Attributes | This ruleset gathers all rules that rely on PHP 8.+ attributes. |
CE | List of rules that are part of the Community Edition |
CI-checks | Quick check for common best practices. |
Changed Behavior | Ruleset with all rules that identify changed behavior across PHP versions. |
Class Review | A set of rules dedicated to class hygiene |
Classdependencies | A set of rules dedicated to show classes dependences |
Coding conventions | List coding conventions violations. |
CompatibilityPHP53 | List features that are incompatible with PHP 5.3. |
CompatibilityPHP54 | List features that are incompatible with PHP 5.4. |
CompatibilityPHP55 | List features that are incompatible with PHP 5.5. |
CompatibilityPHP56 | List features that are incompatible with PHP 5.6. |
CompatibilityPHP70 | List features that are incompatible with PHP 7.0. |
CompatibilityPHP71 | List features that are incompatible with PHP 7.1. |
CompatibilityPHP72 | List features that are incompatible with PHP 7.2. |
CompatibilityPHP73 | List features that are incompatible with PHP 7.3. |
CompatibilityPHP74 | List features that are incompatible with PHP 7.4. |
CompatibilityPHP80 | List features that are incompatible with PHP 8.0. |
CompatibilityPHP81 | List features that are incompatible with PHP 8.1. |
CompatibilityPHP82 | List features that are incompatible with PHP 8.2. |
CompatibilityPHP83 | List features that are incompatible with PHP 8.3. |
Dead code | Check the unused code or unreachable code. |
Deprecated | List of deprecated features, across all PHP versions. |
Dump | Dump is a collector set of rules. |
First | A set of rules that are always run at the beginning of a project, because they are frequently used. |
Inventory | A set of rules that collect various definitions from the code |
IsExt | Ruleset with analysis which rely on PHP’s optional extensions |
IsPHP | Ruleset with analysis which rely on PHP’s core extensions |
IsStub | Ruleset with analysis which rely on custom stubs |
LintButWontExec | Check the code for common errors that will lead to a Fatal error on production, but lint fine. |
NoDoc | Ruleset with analysis which are not published in the docs. |
One Liners | Report expressions that are one liners. |
PHP recommendations | Report recommendations from the PHP manual. |
Performances | Check the code for slow code. |
Preferences | Identify preferences in the code. |
Rector | Suggests configuration to apply changes with Rector |
Security | Check the code for common security bad practices, especially in the Web environnement. |
Semantics | Checks the meanings found the names of the code. |
Suggestions | List of possible modernisation of the PHP code. |
Surprising | A ruleset dedicated to surprising pieces of code in PHP. |
Top10 | The most common issues found in the code |
Typechecks | Checks related to types. |
php-cs-fixable | Suggests configuration to apply changes with PHP-CS-FIXER |
Note : in command line, don’t forget to add quotes to rulesets’ names that include white space.
2.3. List of rulesets¶
2.3.1. All¶
All is a dummy ruleset, which includes all the rules. It is mostly used internally.
Total : 1582 analysis
- Adding Zero
- Ambiguous Array Index
- Array Index
- Multidimensional Arrays
- Multiple Index Definition
- PHP Arrays Index
- Class Usage
- Classes Names
- Constant Definition
- Empty Classes
- Magic Methods
- Forgotten Visibility
- Non Static Methods Called In A Static
- Old Style Constructor
- Property Names
- Static Methods
- Static Methods Called From Object
- Static Properties
- Constants With Strange Names
- Constants Usage
- Constants Names
- True False Inconsistant Case
- Magic Constant Usage
- PHP Constant Usage
- Caught Exceptions
- Defined Exceptions
- Thrown Exceptions
- ext/apc
- ext/bcmath
- ext/bzip2
- ext/calendar
- ext/crypto
- ext/ctype
- ext/curl
- ext/date
- ext/dba
- ext/dom
- ext/enchant
- ext/exif
- ext/fileinfo
- ext/filter
- ext/ftp
- ext/gd
- ext/gmp
- ext/gnupgp
- ext/hash
- ext/iconv
- ext/json
- ext/ldap
- ext/libxml
- ext/mbstring
- ext/mcrypt
- ext/mongo
- ext/mssql
- ext/mysql
- ext/mysqli
- ext/odbc
- ext/openssl
- ext/pcre
- ext/pdo
- ext/pgsql
- ext/phar
- ext/posix
- ext/readline
- ext/reflection
- ext/sem
- ext/session
- ext/shmop
- ext/simplexml
- ext/snmp
- ext/soap
- ext/sockets
- ext/spl
- ext/sqlite
- ext/sqlite3
- ext/ssh2
- ext/standard
- ext/tidy
- ext/tokenizer
- ext/wddx
- ext/xdebug
- ext/xmlreader
- ext/xmlrpc
- ext/xmlwriter
- ext/xsl
- ext/yaml
- ext/zip
- ext/zlib
- Closures Glossary
- Empty Function
- Function Called With Other Case Than Defined
- Functions Glossary
- Recursive Functions
- Redeclared PHP Functions
- Typehints
- Unset Arguments
- Methods Without Return
- Empty Interfaces
- Interfaces Usage
- Interfaces Names
- PHP Interfaces
- Aliases
- Namespaces Glossary
- Autoloading
- Use Lower Case For Parent, Static And Self
- Goto Names
- __halt_compiler
- Incompilable Files
- Labels
- Functions Removed In PHP 5.4
- Functions Removed In PHP 5.5
- Throw
- Trigger Errors
- Caught Expressions
- Break With 0
- Break With Non Integer
- Calltime Pass By Reference
- error_reporting() With Integers
- Eval() Usage
- Exit() Usage
- For Using Functioncall
- Forgotten Whitespace
- Iffectations
- Multiply By One
- @ Operator
- Not Not
- include_once() Usage
- Phpinfo
- No Plus One
- Using Short Tags
- Strpos()-like Comparison
- Throws An Assignement
- var_dump()… Usage
- __toString() Throws Exception
- Binary Glossary
- Continents
- Email Addresses
- Heredoc Delimiter Glossary
- Hexadecimal Glossary
- Http Headers
- HTTP Status Code
- Malformed Octal
- Md5 Strings
- Mime Types
- Nowdoc Delimiter Glossary
- Octal Glossary
- Perl Regex
- Internet Ports
- Special Integers
- All strings
- Unicode Blocks
- URL List
- Blind Variables
- Interface Arguments
- Variable References
- Static Variables
- Variables With Long Names
- Non Ascii Variables
- Variables With One Letter Names
- PHP Variables
- All Uppercase Variables
- Used Once Variables
- Variable Variables
- Abstract Class Usage
- Abstract Methods Usage
- Clone Usage
- Final Class Usage
- Final Methods Usage
- Bad Constants Names
- Variable Constants
- Empty Traits
- Redefined PHP Traits
- Traits Usage
- Trait Names
- PHP Alternative Syntax
- Short Syntax For Arrays
- inclusions
- ext/file
- Unused Use
- Use With Fully Qualified Name
- Used Use
- ext/array
- ext/info
- ext/math
- $HTTP_RAW_POST_DATA Usage
- Non-lowercase Keywords
- New Functions In PHP 5.4
- New Functions In PHP 5.5
- Useless Instructions
- Abstract Static Methods
- Interface Methods
- New Functions In PHP 5.6
- Trait Methods
- Invalid Constant Name
- Multiple Constant Definition
- Wrong Optional Parameter
- Multiple Definition Of The Same Argument
- Echo Or Print
- Use === null
- Constant Comparison
- Fopen Binary Mode
- Assertions
- $this Is Not An Array
- One Variable String
- Cast Usage
- Function Subscripting
- Nested Loops
- Close Tags
- <?= Usage
- Static Methods Can’t Contain $this
- Closure May Use $this
- While(List() = Each())
- Several Instructions On The Same Line
- One Letter Functions
- Multiples Identical Case
- Switch Without Default
- Function Subscripting, Old Style
- Internally Used Properties
- $this Belongs To Classes Or Traits
- Nested Ternary
- Switch With Too Many Default
- Non-constant Index In Array
- Undefined Constants
- Custom Constant Usage
- Instantiating Abstract Class
- Classes Mutually Extending Each Other
- Class, Interface, Enum Or Trait With Identical Names
- Empty Try Catch
- ext/pcntl
- Undefined Classes
- Is An Extension Class
- Wrong Class Name Case
- ext/redis
- Is An Extension Function
- Is An Extension Interface
- Is An Extension Constant
- Htmlentities Calls
- Bracketless Blocks
- Defined Class Constants
- Undefined Class Constants
- Unused Private Properties
- Used Static Properties
- Used Private Methods
- Unused Private Methods
- Unused Functions
- Used Functions
- Used Once Variables (In Scope)
- Undefined Functions
- Deprecated PHP Functions
- crypt() Without Salt
- mcrypt_create_iv() With Default Values
- Dangling Array References
- ext/sqlsrv
- Queries In Loops
- Var Keyword
- Native Alias Functions Usage
- Uses Default Values
- Wrong Number Of Arguments
- Hardcoded Passwords
- Functions In Loop Calls
- Unresolved Classes
- Ellipsis Usage
- Exponent Usage
- ** For Exponent
- Constructors
- Useless Constructor
- Too Many Children
- Implements Is For Interface
- Use const
- Unresolved Use
- Conditional Structures
- Unused Constants
- Undefined Parent
- Defined static:: Or self::
- Undefined static:: Or self::
- Accessing Private
- Access Protected Structures
- Parent, Static Or Self Outside Class
- ext/0mq
- ext/memcache
- ext/memcached
- Is Extension Trait
- Dynamic Function Call
- Has Variable Arguments
- Multiple Catch
- Dynamically Called Classes
- Conditioned Function
- Conditioned Constants
- Is Generator
- Try With Finally
- Use password_hash()
- Dereferencing String And Arrays
- class
- Foreach With list()
- Empty With Expression
- list() May Omit Variables
- Or Die
- Constant Conditions
- Use Const And Functions
- Constant Scalar Expressions
- Unusual Case For PHP Functions
- Multiple Returns
- Unreachable Code
- Exit-like Methods
- Written Only Variables
- Must Return Methods
- __debugInfo() Usage
- Empty Instructions
- Interpolation
- Mixed Keys Arrays
- Empty Slots In Arrays
- Wrong Number Of Arguments In Methods
- Class Has Fluent Interface
- Method Has Fluent Interface
- Method Is Not For Fluent Interface
- PHP Handlers Usage
- ext/imagick
- Unused Methods
- Property Variable Confusion
- ext/oci8
- Used Methods
- Overwritten Exceptions
- Foreach Needs Reference Array
- Foreach Reference Is Not Modified
- ext/imap
- Overwritten Class Constants
- Direct Injection
- Dynamic Class Constant
- Dynamic Methodcall
- Dynamic New
- Dynamic Property
- Don’t Change Incomings
- Super Globals Contagion
- Dynamic Classes
- Return void
- Compared Comparison
- Useless Return
- Multiple Classes In One File
- File Uploads
- Return With Parenthesis
- Unused Classes
- Used Classes
- ext/intl
- Dynamic Code
- Unpreprocessed Values
- ext/pspell
- No Direct Access
- ext/opcache
- Is PHP Constant
- Sensitive Argument
- Functioncall Is Global
- ext/expect
- Defined Properties
- Undefined Properties
- Has Magic Method
- ext/gettext
- Short Open Tags
- Strict Comparison With Booleans
- Lone Blocks
- $this Is Not For Static Methods
- Avoid sleep()/usleep()
- Argument Should Be Typehinted
- Should Be Single Quote
- Super Global Usage
- Global Usage
- PHP Keywords As Names
- Logical Should Use Symbolic Operators
- Could Use self
- Implicit Global
- Const With Array
- Catch Overwrite Variable
- Namespaces
- Avoid array_unique()
- Definitions Only
- Deep Definitions
- Constant Class
- File Is Not Definitions Only
- Global Code Only
- Preprocess Arrays
- Repeated print()
- Avoid Parenthesis With Language Construct
- Objects Don’t Need References
- Redefined Property
- Locally Unused Property
- Locally Used Property
- Lost References
- Constants Created Outside Its Namespace
- Fully Qualified Constants
- Never Used Properties
- Yoda Comparison
- No Real Comparison
- Sequences In For
- Should Use Local Class
- Use This
- Usage Of class_alias()
- Custom Class Usage
- ext/apache
- ext/eaccelerator
- ext/fpm
- parse_str() Warning
- No Direct Call To Magic Method
- String May Hold A Variable
- Echo With Concat
- Unused Global
- Useless Global
- Preprocessable
- Slow Functions
- Useless Final
- Use Constant Instead Of Function
- Resources Usage
- Useless Unset
- Buried Assignation
- Duplicate Calls
- No array_merge() In Loops
- Useless Parenthesis
- Shell Usage
- File Usage
- Mail Usage
- Dynamic Calls
- Unresolved Instanceof
- Use PHP Object API
- Unthrown Exception
- Old Style __autoload()
- Altering Foreach Without Reference
- Test Class
- Magic Visibility
- Use Pathinfo
- Should Use Existing Constants
- Hash Algorithms
- Avoid Those Hash Functions
- ext/dio
- No Parenthesis For Language Construct
- Unused Label
- No Hardcoded Path
- Methodcall On New
- No Hardcoded Port
- ext/phalcon
- Use Constant As Arguments
- Implied If
- Overwritten Literals
- Assign Default To Properties
- No Public Access
- Composer Usage
- Composer’s autoload
- Should Chain Exception
- Used Interfaces
- Unused Interfaces
- Useless Interfaces
- Undefined Interfaces
- ext/apcu
- Double Instructions
- Should Use Prepared Statement
- Is Interface Method
- Hash Algorithms Incompatible With PHP 5.3
- Hash Algorithms Incompatible With PHP 5.4/5.5
- Print And Die
- Unchecked Resources
- Class Const With Array
- ext/trader
- ext/mailparse
- ext/mail
- Unresolved Catch
- No Hardcoded Ip
- Variable Global
- Else If Versus Elseif
- Reserved Keywords In PHP 7
- Unset In Foreach
- Could Be Class Constant
- Could Be Static
- Multiple Class Declarations
- Compare Hash
- Empty Namespace
- Could Use Short Assignation
- Useless Abstract Class
- Only Static Methods Class
- Null On New
- Scalar Typehint Usage
- Return Typehint Usage
- ext/ob
- Global Import
- Static Loop
- Pre-increment
- Only Variable Returned By Reference
- ext/geoip
- ext/event
- ext/amqp
- ext/gearman
- ext/com
- ext/gmagick
- ext/ibase
- ext/inotify
- ext/xdiff
- ext/ev
- ext/php-ast
- ext/xml
- ext/xhprof
- Indices Are Int Or String
- Should Typecast
- No Self Referencing Constant
- No Direct Usage
- Break Outside Loop
- Inconsistent Concatenation
- Else Usage
- One Object Operator Per Line
- isset() With Constant
- Avoid Substr() One
- Global Inside Loop
- Anonymous Classes
- Is Global Constant
- Coalesce
- Double Assignation
- Unicode Escape Syntax
- New Functions In PHP 7.0
- PHP 7.0 Removed Functions
- PHP 7.0 New Classes
- PHP 7.0 New Interfaces
- Empty List
- List With Appends
- Simple Global Variable
- Parenthesis As Parameter
- Foreach Don’t Change Pointer
- PHP5 Indirect Variable Expression
- Php 7 Indirect Expression
- Unicode Escape Partial
- Define With Array
- PHP 7.0 Removed Directives
- Directives Usage
- Useless Brackets
- preg_replace With Option e
- eval() Without Try
- Is Not Class Family
- No List With String
- Setlocale() Uses Constants
- Global In Global
- Usort Sorting In PHP 7.0
- Hexadecimal In String
- ext/fann
- Relay Function
- func_get_arg() Modified
- Use Web
- Use Cli
- PHP Sapi
- Register Globals
- External Config Files
- Avoid get_class()
- Silently Cast Integer
- Used Trait
- Unused Traits
- PHP7 Dirname
- Error Messages
- Timestamp Difference
- Php7 Relaxed Keyword
- Not Same Name As File
- ext/pecl_http
- Joining file()
- Real Variables
- Real Functions
- Normal Methods
- Unused Parameter
- Uses Environment
- Switch To Switch
- Wrong Parameter Type
- Property Could Be Private
- Redefined Methods
- Redefined Class Constants
- File Is Component
- Redefined Default
- Wrong fopen() Mode
- Unknown Directive Name
- Confusing Names
- Is CLI Script
- PHP Bugfixes
- preg_match_all() Flag
- Safe Curl Options
- Negative Power
- Already Parents Interface
- Use random_int()
- Cant Use Return Value In Write Context
- set_exception_handler() Warning
- Can’t Extend Final
- Ternary In Concat
- Using $this Outside A Class
- Simplify Regex
- ext/tokyotyrant
- ext/v8js
- Yield Usage
- Yield From Usage
- Pear Usage
- Undefined Trait
- No Hardcoded Hash
- Identical Conditions
- Unkown Regex Options
- Random Without Try
- No Choice
- Common Alternatives
- Logical Mistakes
- Exception Order
- ext/lua
- Uncaught Exceptions
- Undefined Caught Exceptions
- Same Conditions In Condition
- Php 7.1 New Class
- Return True False
- GPRC Aliases
- Indirect Injection
- Useless Switch
- Overwriting Variable
- Could Use __DIR__
- Should Use Coalesce
- Make Global A Property
- List With Keys
- If With Same Conditions
- ext/suhosin
- Unserialize Second Arg
- Throw Functioncall
- Can’t Disable Function
- Functions Using Reference
- Use Instanceof
- Make One Call With Array
- Property Used Above
- Property Used Below
- List Short Syntax
- Results May Be Missing
- Use Nullable Type
- Defined Parent MP
- Globals
- Always Positive Comparison
- PHP 7.1 Removed Directives
- New Functions In PHP 7.1
- Multiple Exceptions Catch()
- Is Upper Family
- Empty Blocks
- Throw In Destruct
- Used Protected Method
- Unused Protected Methods
- Use System Tmp
- Linux Only Files
- No Count With 0
- Dependant Trait
- Hidden Use Expression
- Could Use Alias
- Should Make Alias
- Multiple Identical Trait Or Interface
- Multiple Alias Definitions
- Nested Ifthen
- Cast To Boolean
- Failed Substr Comparison
- Should Use Ternary Operator
- Unused Returned Value
- Modernize Empty With Expression
- Use Positive Condition
- Drop Else After Return
- Use ::Class Operator
- ext/rar
- Don’t Echo Error
- Useless Type Casting
- No isset() With empty()
- time() Vs strtotime()
- Useless Check
- Unitialized Properties
- More Than One Level Of Indentation
- One Dot Or Object Operator Per Line
- Bail Out Early
- Die Exit Consistence
- Array() / [ ] Consistence
- PHP 7.1 Microseconds
- Dont Change The Blind Var
- Getting Last Element
- Rethrown Exceptions
- Avoid Using stdClass
- Invalid Octal In String
- Avoid array_push()
- ext/nsapi
- ext/newt
- ext/ncurses
- Use Composer Lock
- Too Many Local Variables
- $GLOBALS Or global
- Illegal Name For Method
- Unset() Or (unset)
- Close Tags Consistency
- String
- Class Should Be Final By Ocramius
- ext/mongodb
- Should Use Function
- One Expression Brackets Consistency
- Fetch One Row Format
- No String With Append
- Avoid glob() Usage
- Avoid Large Array Assignation
- Could Be Protected Property
- Long Arguments
- New On Functioncall Or Identifier
- Assigned Twice
- New Line Style
- PHP 7.2 Deprecations
- PHP 7.2 Removed Functions
- Error_Log() Usage
- Raised Access Level
- No Boolean As Default
- SQL queries
- Strange Names In Classes
- ext/libsodium
- Class Function Confusion
- Forgotten Thrown
- Should Use array_column()
- Multiple Alias Definitions Per File
- __DIR__ Then Slash
- self, parent, static Outside Class
- Used Once Property
- Property Used In One Method Only
- ext/ds
- No Need For Else
- Should Use session_regenerateid()
- Strange Name For Variables
- Strange Name For Constants
- Regex Delimiter
- Could Be Typehinted Callable
- Encoded Simple Letters
- Too Many Finds
- Use Cookies
- Should Use SetCookie()
- Set Cookie Safe Arguments
- Check All Types
- Missing Cases In Switch
- New Functions In PHP 7.2
- New Constants In PHP 7.2
- Group Use Declaration
- Method Is Overwritten
- Displays Text
- Repeated Regex
- No Class In Global
- Crc32() Might Be Negative
- Could Use str_repeat()
- Suspicious Comparison
- Empty Final Element
- Strings With Strange Space
- Difference Consistence
- No Empty Regex
- Alternative Syntax Consistence
- Randomly Sorted Arrays
- ext/sphinx
- Try With Multiple Catch
- ext/grpc
- Only Variable Passed By Reference
- No Return Used
- Use Browscap
- Use Debug
- No Class As Typehint
- No Reference On Left Side
- Implemented Methods Must Be Public
- Could Typehint
- PSR-16 Usage
- PSR-7 Usage
- PSR-6 Usage
- PSR-3 Usage
- PSR-11 Usage
- PSR-13 Usage
- Mixed Concat And Interpolation
- ext/stats
- DI Cyclic Dependencies
- Concatenation Interpolation Consistence
- New Functions In PHP 7.3
- Too Many Injections
- Dependency Injection
- Courier Anti-Pattern
- ext/gender
- ext/judy
- Could Make A Function
- Forgotten Interface
- Order Of Declaration
- Yii usage
- Codeigniter usage
- Laravel usage
- Symfony usage
- Wordpress usage
- Ez cms usage
- Use session_start() Options
- Cant Inherit Abstract Method
- Joomla usage
- Non Breakable Space In Names
- Multiple Functions Declarations
- Avoid Optional Properties
- Heredoc Delimiter
- swoole
- Manipulates NaN
- Manipulates INF
- No Return Or Throw In Finally
- Const Or Define
- Mkdir Default
- strict_types Preference
- Declare strict_types Usage
- Encoding Usage
- Ticks Usage
- Mismatched Ternary Alternatives
- Mismatched Default Arguments
- Mismatched Typehint
- Scalar Or Object Property
- Group Use Trailing Comma
- Assign With And Precedence
- Logical Operators Favorite
- Isset Multiple Arguments
- No Magic Method With Array
- PHP 7.2 Object Keyword
- Child Class Removes Typehint
- ext/xattr
- Avoid Concat In Loop
- Optional Parameter
- No Substr Minus One
- Logical To in_array
- Should Use Foreach
- ext/rdkafka
- ext/fam
- Shell Favorite
- Constant Used Below
- Could Be Private Class Constant
- Could Be Protected Class Constant
- Method Used Below
- Method Could Be Private Method
- Could Be Protected Method
- Pathinfo() Returns May Vary
- Use pathinfo() Arguments
- ext/parle
- Regex Inventory
- Switch Fallthrough
- Upload Filename Injection
- Always Anchor Regex
- Multiple Type Variable
- Is Actually Zero
- Unconditional Break In Loop
- Session Lazy Write
- Session Variables
- Incoming Variables
- Cookies Variables
- Too Complex Expression
- Date Formats
- Is A Magic Property
- Could Be Else
- Simple Switch And Match
- Next Month Trap
- Printf Number Of Arguments
- Substring First
- Drupal Usage
- Ambiguous Static
- Phalcon Usage
- Fuel PHP Usage
- Use List With Foreach
- Don’t Send $this In Constructor
- Argon2 Usage
- Crypto Usage
- Integer As Property
- No get_class() With Null
- Php 7.2 New Class
- Avoid set_error_handler $context Argument
- Hash Will Use Objects
- Can’t Count Non-Countable
- Maybe Missing New
- Unknown Pcre2 Option
- Use PHP7 Encapsed Strings
- Type Array Index
- Incoming Variable Index Inventory
- Slice Arrays First
- ext/vips
- Dl() Usage
- Parent First
- environment-variables
- Invalid Regex
- Assigned In One Branch
- Use Named Boolean In Argument Definition
- Same Variable Foreach
- Never Called Parameter
- ext/igbinary
- Should Use array_filter()
- Not A Scalar Type
- Mistaken Concatenation
- Identical On Both Sides
- Identical Consecutive Expression
- No Reference For Ternary
- Sqlite3 Requires Single Quotes
- No Net For Xml Load
- Unused Inherited Variable In Closure
- Inclusion Wrong Case
- Missing Include
- Local Globals
- Useless Referenced Argument
- Fallback Function
- Reuse Existing Variable
- Double array_flip()
- Useless Catch
- Find Key Directly
- Possible Infinite Loop
- Should Use Math
- ext/hrtime
- List With Reference
- Test Then Cast
- Could Use Compact
- Foreach On Object
- ext/xxtea
- ext/uopz
- ext/varnish
- ext/opencensus
- Dynamic Library Loading
- PHP 7.3 Last Empty Argument
- Could Use array_fill_keys
- ext/leveldb
- Use Count Recursive
- Property Could Be Local
- ext/db2
- Mass Creation Of Arrays
- Too Many Native Calls
- Too Many Parameters
- Should Preprocess Chr()
- Properties Declaration Consistence
- Possible Increment
- Drop Substr Last Arg
- Redefined Private Property
- Don’t Unset Properties
- Strtr Arguments
- Processing Collector
- Missing Parenthesis
- One If Is Sufficient
- Could Use array_unique
- Callback Function Needs Return
- Wrong Range Check
- ext/zookeeper
- ext/cmark
- Failing Analysis
- Can’t Instantiate Class
- strpos() Too Much
- Typehinted References
- Do In Base
- Weak Typing
- Cache Variable Outside Loop
- Use The Blind Var
- Configure Extract
- Nonexistent Variable In compact()
- Method Signature Must Be Compatible
- Mismatch Type And Default
- Flexible Heredoc
- Check JSON
- Const Visibility Usage
- Should Use Operator
- Single Use Variables
- Strict Or Relaxed Comparison
- Comparisons Orientation
- Compared But Not Assigned Strings
- Could Be Static Closure
- move_uploaded_file Instead Of copy
- Dont Mix ++
- Can’t Throw Throwable
- Abstract Or Implements
- ext/eio
- Incompatible Signature Methods
- Ambiguous Visibilities
- Hash Algorithms Incompatible With PHP 7.1-
- Undefined ::class
- PHP 7.0 Scalar Typehints
- PHP 7.1 Scalar Typehints
- PHP 7.2 Scalar Typehints
- Locally Used Property In Trait
- ext/lzf
- ext/msgpack
- Case Insensitive Constants
- Handle Arrays With Callback
- Use is_countable
- Detect Current Class
- Avoid Real
- Const Or Define Preference
- Constant Case Preference
- Assert Function Is Reserved
- Could Be Abstract Class
- Continue Is For Loop
- PHP 7.3 Removed Functions
- Trailing Comma In Calls
- Must Call Parent Constructor
- Undefined Variable
- Undefined Insteadof
- Method Collision Traits
- Use json_decode() Options
- Class Could Be Final
- Closure Could Be A Callback
- Inconsistent Elseif
- Can’t Disable Class
- ext/seaslog
- Add Default Value
- Only Variable For Reference
- Direct Call To __clone()
- filter_input() As A Source
- Wrong Access Style to Property
- Named Regex
- Invalid Pack Format
- No Return For Generator
- Repeated Interface
- No Reference For Static Property
- Don’t Read And Write In One Expression
- Pack Format Inventory
- Printf Format Inventory
- idn_to_ascii() New Default
- Could Use Try
- Use Basename Suffix
- PHP Exception
- ext/decimal
- ext/psr
- Should Yield With Key
- Don’t Loop On Yield
- Declare Global Early
- Unreachable Class Constant
- Avoid Self In Interface
- Should Have Destructor
- Safe HTTP Headers
- fputcsv() In Loops
- Directly Use File
- Useless Method Alias
- ext/sdl
- Isset() On The Whole Array
- ext/wasm
- Self Using Trait
- Multiple Usage Of Same Trait
- Method Could Be Static
- Multiple Identical Closure
- Path lists
- Possible Missing Subpattern
- array_key_exists() Speedup
- Assign And Compare
- Typed Property Usage
- Don’t Be Too Manual
- Variable Is Not A Condition
- String Initialization
- ext/weakref
- ext/pcov
- Insufficient Typehint
- Bad Typehint Relay
- Constant Dynamic Creation
- PHP 8.0 Removed Functions
- PHP 8.0 Removed Constants
- Law of Demeter
- An OOP Factory
- Typehint Must Be Returned
- Inconsistent Variable Usage
- Should Deep Clone
- Clone With Non-Object
- Self-Transforming Variables
- Check On __Call Usage
- PHP Overridden Function
- Caught Variable
- Multiple Unset()
- Implode One Arg
- Insecure Integer Validation
- Incoming Values
- ext/svm
- Useless Default Argument
- Avoid option arrays in constructors
- ext/ffi
- ext/password
- ext/zend_monitor
- ext/uuid
- Already Parents Trait
- Trait Not Found
- Casting Ternary
- Concat Empty String
- Concat And Addition
- Useless Argument
- New Functions In PHP 7.4
- Unpacking Inside Arrays
- Minus One On Error
- No Need For get_class()
- Identical Methods
- No Append On Source
- Autoappend
- Memoize MagicCall
- Make Magic Concrete
- Substr To Trim
- Regex On Arrays
- Always Use Function With array_key_exists()
- Complex Dynamic Names
- curl_version() Has No Argument
- Php 7.4 New Classes
- New Constants In PHP 7.4
- Unused Class Constant
- Could Be Constant
- Could Use Trait
- Infinite Recursion
- Null Or Boolean Arrays
- Dependant Abstract Classes
- Wrong Type Returned
- Generator Cannot Return
- Methods That Should Not Be Used
- Use DateTimeImmutable Class
- Set Aside Code
- Use Array Functions
- Useless Type Check
- Disconnected Classes
- Not Or Tilde
- Overwritten Source And Value
- Avoid mb_dectect_encoding()
- PHP 7.4 Removed Functions
- mb_strrpos() Third Argument
- array_key_exists() Works On Arrays
- Reflection Export() Is Deprecated
- Unbinding Closures
- Numeric Literal Separator
- Class Without Parent
- Serialize Magic Method
- Scalar Are Not Arrays
- Similar Integers
- Php Native Reference Variable
- Create Compact Variables
- Propagate Constants
- PHP 7.4 Reserved Keyword
- No ENT_IGNORE
- No More Curly Arrays
- Overwritten Properties
- Overwritten Methods
- Overwritten Constant
- Set Clone Link
- Create Magic Property
- Set Parent Definition
- Make Class Method Definition
- Create Default Values
- array_merge() And Variadic
- Set class_alias() Definition
- Make Class Constant Definition
- Set Class Remote Definition With Injection
- Solve Trait Methods
- Follow Closure Definition
- PHP 7.4 Constant Deprecation
- Implode() Arguments Order
- PHP 7.4 Removed Directives
- Hash Algorithms Incompatible With PHP 7.4-
- openssl_random_pseudo_byte() Second Argument
- strip_tags() Skips Closed Tag
- No Spread For Hash
- Use Covariance
- Use Contravariance
- Set Class Remote Definition With Return Typehint
- Set Class Remote Definition With Local New
- Set Class Remote Definition With Typehint
- Set Class Remote Definition With Global
- Set Class Remote Definition With Parenthesis
- Set Class Property Definition With Typehint
- Set Array Class Definition
- Set Class Method Remote Definition
- Use Arrow Functions
- Max Level Of Nesting
- Environment Variable Usage
- Indentation Levels
- Spread Operator For Array
- Nested Ternary Without Parenthesis
- Cyclomatic Complexity
- Should Use Explode Args
- Use array_slice()
- PHP 74 New Directives
- Too Many Array Dimensions
- Coalesce And Concat
- Comparison Is Always The Same
- Incompatible Signature Methods With Covariance
- Interfaces Is Not Implemented
- No Literal For Reference
- Magic Properties
- Interfaces Don’t Ensure Properties
- Collect Literals
- Duplicate Literal
- No Weak SSL Crypto
- Internet Domains
- No mb_substr In Loop
- Collect Parameter Counts
- Collect Local Variable Counts
- Non Nullable Getters
- Use The Case Value
- Dereferencing Levels
- Too Many Dereferencing
- Should Use Url Query Functions
- Make Functioncall With Reference
- Foreach() Favorite
- Can’t Implement Traversable
- Parameter Hiding
- Wrong Function Name Case
- Propagate Calls
- Is_A() With String
- Mbstring Unknown Encoding
- Collect Mbstring Encodings
- Weird Array Index
- Filter To add_slashes()
- Mbstring Third Arg
- Typehinting Stats
- Typo 3 usage
- Concrete5 usage
- Wrong Case Namespaces
- Create Foreach Default
- Immutable Signature
- Merge If Then
- Wrong Type With Call
- Could Type With Int
- Could Type With String
- Could Type With Array
- Could Type With Boolean
- Shell commands
- Could Type With Iterable
- Insufficient Property Typehint
- inclusions
- Typehint Order
- New Order
- Wrong Typehinted Name
- Links Between Parameter And Argument
- Exceeding Typehint
- Nullable Without Check
- Collect Class Interface Counts
- Collect Class Depth
- Collect Class Children Count
- Semantic Typing
- Missing Typehint
- Fossilized Method
- Not Equal Is Not !==
- Coalesce Equal
- Possible Interfaces
- Constant Order
- Php 8.0 Variable Syntax Tweaks
- New Functions In PHP 8.0
- Dont Collect Void
- Php 8.0 Only TypeHints
- Union Typehint
- Uninitialized Property
- Wrong Typed Property Default
- Signature Trailing Comma
- Hidden Nullable Typehint
- Fn Argument Variable Confusion
- Missing Abstract Method
- Throw Was An Expression
- OpenSSL Ciphers Used
- Unused Trait In Class
- Keep Files Access Restricted
- Check Crypto Key Length
- Undefined Constant Name
- Dynamic Self Calls
- Prefix And Suffixes With Typehint
- Using Deprecated Method
- Too Long A Block
- Static Global Variables Confusion
- Possible Alias Confusion
- Collect Property Counts
- Collect Method Counts
- Collect Class Constant Counts
- Too Much Indented
- Safe Phpvariables
- Could Be String
- Could Be Boolean
- Could Be Void
- Extended Typehints
- Could Be Array Typehint
- Could Be CIT
- Protocol lists
- Cyclic References
- Double Object Assignation
- Could Not Type
- Could Be Callable
- Wrong Argument Type
- Type Could Be Integer
- Call Order
- Could Be Null
- Typehint Could Be Iterable
- Uses PHP 8 Match()
- Could Be Float
- Mismatch Properties Typehints
- Could Be Self
- Could Be Parent
- Collect Parameter Names
- No Need For Triple Equal
- Array_merge Needs Array Of Arrays
- Avoid Compare Typed Boolean
- Abstract Away
- Wrong Type For Native PHP Function
- Large Try Block
- Catch With Undefined Variable
- Swapped Arguments
- Fossilized Methods List
- GLOB_BRACE Usage
- Iconv With Translit
- Collect Static Class Changes
- Different Argument Counts
- Use PHP Attributes
- Use NullSafe Operator
- Use Closure Trailing Comma
- Unknown Parameter Name
- Missing Some Returntype
- Don’t Pollute Global Space
- Collect Variables
- Could Be Parent Method
- Collect Global Variables
- Collect Readability
- Collect Definitions Statistics
- Collect Class Traits Counts
- Collect Native Calls Per Expressions
- Cancel Common Method
- Function With Dynamic Code
- Cast Unset Usage
- $php_errormsg Usage
- Mismatch Parameter Name
- Multiple Declaration Of Strict_types
- Collect Files Dependencies
- Collect Atom Counts
- Collect Classes Dependencies
- Collect Php Structures
- Mismatch Parameter And Type
- Array_Fill() With Objects
- Modified Typed Parameter
- Assumptions
- Collect Use Counts
- Useless Typehint
- PHP 8.0 Removed Directives
- Unsupported Types With Operators
- Negative Start Index In Array
- Php Ext Stub Property And Method
- Optimize Explode()
- Could Use Promoted Properties
- Could Be Stringable
- Nullable With Constant
- Use get_debug_type()
- Collect Block Size
- Use str_contains()
- PHP 8.0 Resources Turned Into Objects
- PHP 80 Named Parameter Variadic
- Unused Exception Variable
- Wrong Attribute Configuration
- Cancelled Parameter
- Constant Typo Looks Like A Variable
- Final Private Methods
- Array_Map() Passes By Value
- Missing __isset() Method
- Searching For Multiple Keys
- Long Preparation For Throw
- Modify Immutable
- Reserved Match Keyword
- No Static Variable In A Method
- Declare Static Once
- Avoid get_object_vars()
- Could Use Match
- Only Container For Reference
- Cannot Use Static For Closure
- Multiple Property Declaration On One Line
- Could Be Generator
- Only First Byte
- Restrict Global Usage
- Inherited Property Type Must Match
- No Object As Index
- Class Overreach
- Inherited Static Variable
- Enum Usage
- PHP 8.1 Removed Directives
- Htmlentities Using Default Flag
- Openssl Encrypt Default Algorithm Change
- PHP 8.1 Removed Constants
- Wrong Argument Name With PHP Function
- Duplicate Named Parameter
- PHP Native Class Type Compatibility
- Missing Attribute Attribute
- $FILES full_path
- No Null For Native PHP Functions
- Calling Static Trait Method
- No Referenced Void
- PHP Native Interfaces and Return Type
- Final Constant
- Never Typehint Usage
- PHP 8.1 Typehints
- PHP 8.0 Typehints
- Named Parameter Usage
- First Class Callable
- New Functions In PHP 8.1
- PHP 8.1 Removed Functions
- Never Keyword
- Mixed Keyword
- Mixed Typehint Usage
- False To Array Conversion
- Float Conversion As Index
- Cannot Call Static Trait Method Directly
- Nested Attributes
- New Initializers
- Deprecated Callable
- Promoted Properties
- Overwritten Foreach Var
- Null Type Favorite
- Checks Property Existence
- Variable Anf Property Typehint
- Extends stdClass
- Scope Resolution Operator
- Could Use Nullable Object Operator
- Cant Overload Constants
- Variable Is A Local Constant
- Argument Could Be Iterable
- Intersection Typehint
- Abstract Class Constants
- Recycled Variables
- Check Division By Zero
- Getter And Setter
- Multiple Similar Calls
- Could Be Ternary
- Use File Append
- Readonly Usage
- Missing Visibility
- Could Use Existing Constant
- Dont Reuse Foreach Source
- Collect Dependency Extension
- Public Reach To Private Methods
- Unreachable Method
- Static Call May Be Truly Static
- Could Use array_sum()
- Undefined Methods
- Is Stub Structure
- Is PHP Structure
- Is Extension Structure
- Unfinished Object
- Use class_alias()
- Undefined Enumcase
- Too Many Stringed Elseif
- Missing Typehints
- Identical Elseif
- Simplify Foreach
- Use Variable Created Inside Loop
- String Interpolation Favorite
- Type Could Be Never
- Dont Add Seconds
- Use Constants As Returns
- Identical Variables In Foreach
- Cant Overwrite Final Constant
- String Int Comparison
- Add Return Typehint
- ext/protobuf
- Constant : With Or Without Use
- No Constructor In Interface
- Could Be A Constant
- Create Magic Method
- Unsupported Operand Types
- array_merge With Ellipsis
- Is Library
- version_compare Operator
- PHP 8.1 Resources Turned Into Objects
- Do Not Cast To Int
- Constant Scalar Expression
- Windows Only Constants
- Could Be Spaceship
- Sylius usage
- Dollar Curly Interpolation Is Deprecated
- Unused Enumeration Case
- Useless Null Coalesce
- Throw Raw Exceptions
- Extensions yar
- Collect Stub Structures
- Lowered Access Level
- Cant Overwrite Final Method
- Implicit Conversion To Int
- Excimer
- Use Same Types For Comparisons
- Used Once Trait
- Make All Statics
- Wrong Locale
- ext/pkcs11
- ext/spx
- Parent Is Not Static
- No Magic Method For Enum
- No Readonly Assignation In Global
- Stomp
- ext/CSV
- Could Set Property Default
- Identity
- Overload Existing Names
- Incoming Date Formats
- Collect Vendor Structures
- Array Addition
- Retyped Reference
- Could Be Enumeration
- Wrong Type With Default
- Ice framework
- Extensions/Exttaint
- Sprintf Format Compilation
- Invalid Date Scanning Format
- Same Name For Property And Method
- No Private Abstract Method In Trait
- Utf8 Encode And Decode Are Deprecated
- Magic Method Returntype Is Restricted
- If Then Return Favorite
- Typehints/CouldBeResource
- DateTimeImmutable Is Not Immutable
- New Functions In PHP 8.2
- Empty Array Detection
- Strict In_Array() Preference
- No Default For Referenced Parameter
- Clone Constant
- Enum Case Values
- Random extension
- Ip
- Could Inject Param
- ext/scrypt
- ext/teds
- Geospatial
- Feast usage
- date() versus DateTime Preference
- Unused Public Method
- Could Be Abstract Method
- Solve Trait Constants
- No Keyword In Namespace
- Ambiguous Types With Variables
- Set Chaining Exception
- Could Use Class Operator
- Mbstring Unknown Encodings
- Named Argument And Variadic
- Coalesce And Ternary Operators Order
- Useless Assignation Of Promoted Property
- Method Property Confusion
- Could Use Namespace Magic Constant
- Incompatible Types With Incoming Values
- Method Usage
- Too Many Chained Calls
- Empty Loop
- Too Many Extractions
- No Variable Needed
- Possible TypeError
- Json_encode() Without Exceptions
- No Initial S In Variable Names
- Collect Calls
- Set Method Fnp
- Type Dodging
- Skip Empty Array
- Useless Method
- Weak Type With Array
- Class Could Be Readonly
- Multiple Type Cases In Switch
- Class Invasion
- Property Invasion
- Filter Not Raw
- Collect SetLocale
- Plus Plus Used On Strings
- No Max On Empty Array
- No Empty String With explode()
- Array Access On Literal Array
- Double Checks
- strpos() With Integers
- Unvalidated Data Cached In Session
- Ellipsis Merge
- superglobals
- New Functions In PHP 8.3
- Use str_ends_with()
- Use str_starts_with()
- Missing Assignation In Command
- Mono Or Multibytes Favorite
- Argument Counts Per Calls
- Global Definitions
- Short Ternary
- Deprecated Mb_string Encodings
- Pre-Calculate Use
- No Valid Cast
- Init Then Update
- Different Constructors
- Sidelined Method
- Misused Yield
- Substr() In Loops
- Should Cache Local
- Php 8.3 New Classes
- Rewrote Final Class Constant
- Useless Constant Overwrite
- Blind Variable Used Beyond Loop
- Recalled Condition
- Incompatible Property Between Class And Trait
- Collect Methods Throwing Exceptions
- Static Call With Self
- Use DNF
- Collect Throw Calls
- Collect Compared Literals
- Could Be array_combine()
- Comparison On Different Types
- No Null For Index
- Collects Names
- Useless Try
- Converted Exceptions
- Method Is Not An If
- Default Then Discard
- Class Injection Count
- Collect Property Usage
- Collect Structures
- Collect Catch Calls
- Identical Case In Switch
- StandaloneType True False Null
- Constants In Traits
- Short Or Complete Comparison
2.3.1.1. Specs¶
Short name | All |
Available in | Entreprise Edition, Exakat Cloud |
2.3.2. Analyze¶
This ruleset centralizes a large number of classic trap and pitfalls when writing PHP.
Total : 479 analysis
- Adding Zero
- Ambiguous Array Index
- Multiple Index Definition
- Empty Classes
- Forgotten Visibility
- Non Static Methods Called In A Static
- Old Style Constructor
- Static Methods Called From Object
- Empty Function
- Redeclared PHP Functions
- Methods Without Return
- Empty Interfaces
- Incompilable Files
- error_reporting() With Integers
- Eval() Usage
- Exit() Usage
- Forgotten Whitespace
- Iffectations
- Multiply By One
- @ Operator
- Not Not
- include_once() Usage
- Strpos()-like Comparison
- Throws An Assignement
- var_dump()… Usage
- __toString() Throws Exception
- Non Ascii Variables
- Used Once Variables
- Bad Constants Names
- Empty Traits
- Use With Fully Qualified Name
- Useless Instructions
- Abstract Static Methods
- Invalid Constant Name
- Multiple Constant Definition
- Wrong Optional Parameter
- Use === null
- $this Is Not An Array
- One Variable String
- Static Methods Can’t Contain $this
- While(List() = Each())
- Several Instructions On The Same Line
- Multiples Identical Case
- Switch Without Default
- $this Belongs To Classes Or Traits
- Nested Ternary
- Non-constant Index In Array
- Undefined Constants
- Instantiating Abstract Class
- Class, Interface, Enum Or Trait With Identical Names
- Empty Try Catch
- Undefined Classes
- Htmlentities Calls
- Undefined Class Constants
- Used Once Variables (In Scope)
- Undefined Functions
- Deprecated PHP Functions
- Dangling Array References
- Queries In Loops
- Var Keyword
- Native Alias Functions Usage
- Uses Default Values
- Wrong Number Of Arguments
- Hardcoded Passwords
- Unresolved Classes
- Useless Constructor
- Implements Is For Interface
- Use const
- Unresolved Use
- Undefined Parent
- Undefined static:: Or self::
- Accessing Private
- Access Protected Structures
- Parent, Static Or Self Outside Class
- list() May Omit Variables
- Or Die
- Written Only Variables
- Must Return Methods
- Empty Instructions
- Overwritten Exceptions
- Foreach Reference Is Not Modified
- Don’t Change Incomings
- Compared Comparison
- Useless Return
- Unused Classes
- Unpreprocessed Values
- Undefined Properties
- Short Open Tags
- Strict Comparison With Booleans
- Lone Blocks
- $this Is Not For Static Methods
- Global Usage
- Logical Should Use Symbolic Operators
- Could Use self
- Catch Overwrite Variable
- Deep Definitions
- Repeated print()
- Avoid Parenthesis With Language Construct
- Objects Don’t Need References
- Lost References
- Constants Created Outside Its Namespace
- Fully Qualified Constants
- Never Used Properties
- No Real Comparison
- Should Use Local Class
- No Direct Call To Magic Method
- String May Hold A Variable
- Echo With Concat
- Unused Global
- Useless Global
- Preprocessable
- Useless Final
- Use Constant Instead Of Function
- Useless Unset
- Buried Assignation
- No array_merge() In Loops
- Useless Parenthesis
- Unresolved Instanceof
- Use PHP Object API
- Unthrown Exception
- Old Style __autoload()
- Altering Foreach Without Reference
- Use Pathinfo
- Should Use Existing Constants
- Hash Algorithms
- No Parenthesis For Language Construct
- No Hardcoded Path
- No Hardcoded Port
- Use Constant As Arguments
- Implied If
- Overwritten Literals
- Assign Default To Properties
- No Public Access
- Should Chain Exception
- Useless Interfaces
- Undefined Interfaces
- Double Instructions
- Should Use Prepared Statement
- Print And Die
- Unchecked Resources
- No Hardcoded Ip
- Else If Versus Elseif
- Unset In Foreach
- Could Be Static
- Multiple Class Declarations
- Empty Namespace
- Could Use Short Assignation
- Useless Abstract Class
- Static Loop
- Pre-increment
- Only Variable Returned By Reference
- Indices Are Int Or String
- Should Typecast
- No Self Referencing Constant
- No Direct Usage
- Break Outside Loop
- Avoid Substr() One
- Double Assignation
- Empty List
- Useless Brackets
- preg_replace With Option e
- eval() Without Try
- Relay Function
- func_get_arg() Modified
- Avoid get_class()
- Silently Cast Integer
- Timestamp Difference
- Unused Parameter
- Switch To Switch
- Wrong Parameter Type
- Wrong fopen() Mode
- Negative Power
- Already Parents Interface
- Use random_int()
- Can’t Extend Final
- Ternary In Concat
- Using $this Outside A Class
- Undefined Trait
- No Hardcoded Hash
- Identical Conditions
- Unkown Regex Options
- No Choice
- Common Alternatives
- Logical Mistakes
- Uncaught Exceptions
- Same Conditions In Condition
- Return True False
- Useless Switch
- Could Use __DIR__
- Should Use Coalesce
- Make Global A Property
- If With Same Conditions
- Throw Functioncall
- Use Instanceof
- Results May Be Missing
- Always Positive Comparison
- Empty Blocks
- Throw In Destruct
- Use System Tmp
- Dependant Trait
- Hidden Use Expression
- Should Make Alias
- Multiple Identical Trait Or Interface
- Multiple Alias Definitions
- Nested Ifthen
- Cast To Boolean
- Failed Substr Comparison
- Should Use Ternary Operator
- Unused Returned Value
- Modernize Empty With Expression
- Use Positive Condition
- Drop Else After Return
- Use ::Class Operator
- Don’t Echo Error
- Useless Type Casting
- No isset() With empty()
- Useless Check
- Bail Out Early
- Dont Change The Blind Var
- Avoid Using stdClass
- Too Many Local Variables
- Illegal Name For Method
- Long Arguments
- Assigned Twice
- No Boolean As Default
- Forgotten Thrown
- Multiple Alias Definitions Per File
- __DIR__ Then Slash
- self, parent, static Outside Class
- Used Once Property
- Property Used In One Method Only
- No Need For Else
- Strange Name For Constants
- Too Many Finds
- Should Use SetCookie()
- Check All Types
- Missing Cases In Switch
- Repeated Regex
- No Class In Global
- Crc32() Might Be Negative
- Could Use str_repeat()
- Suspicious Comparison
- Strings With Strange Space
- No Empty Regex
- Alternative Syntax Consistence
- Randomly Sorted Arrays
- Only Variable Passed By Reference
- No Return Used
- No Reference On Left Side
- Implemented Methods Must Be Public
- Mixed Concat And Interpolation
- Too Many Injections
- Could Make A Function
- Forgotten Interface
- Avoid Optional Properties
- Mismatched Ternary Alternatives
- Mismatched Default Arguments
- Mismatched Typehint
- Scalar Or Object Property
- Assign With And Precedence
- No Magic Method With Array
- Logical To in_array
- Pathinfo() Returns May Vary
- Multiple Type Variable
- Is Actually Zero
- Unconditional Break In Loop
- Could Be Else
- Next Month Trap
- Printf Number Of Arguments
- Ambiguous Static
- Don’t Send $this In Constructor
- No get_class() With Null
- Maybe Missing New
- Unknown Pcre2 Option
- Parent First
- Invalid Regex
- Use Named Boolean In Argument Definition
- Same Variable Foreach
- Never Called Parameter
- Identical On Both Sides
- Identical Consecutive Expression
- No Reference For Ternary
- Unused Inherited Variable In Closure
- Inclusion Wrong Case
- Missing Include
- Useless Referenced Argument
- Useless Catch
- Possible Infinite Loop
- Test Then Cast
- Foreach On Object
- Property Could Be Local
- Too Many Native Calls
- Don’t Unset Properties
- Strtr Arguments
- Missing Parenthesis
- Callback Function Needs Return
- Wrong Range Check
- Can’t Instantiate Class
- strpos() Too Much
- Typehinted References
- Weak Typing
- Method Signature Must Be Compatible
- Mismatch Type And Default
- Check JSON
- Dont Mix ++
- Can’t Throw Throwable
- Abstract Or Implements
- Incompatible Signature Methods
- Ambiguous Visibilities
- Undefined ::class
- Assert Function Is Reserved
- Could Be Abstract Class
- Continue Is For Loop
- Must Call Parent Constructor
- Undefined Variable
- Undefined Insteadof
- Method Collision Traits
- Class Could Be Final
- Inconsistent Elseif
- Only Variable For Reference
- Wrong Access Style to Property
- Invalid Pack Format
- Repeated Interface
- Don’t Read And Write In One Expression
- Should Yield With Key
- Useless Method Alias
- Method Could Be Static
- Possible Missing Subpattern
- Assign And Compare
- Variable Is Not A Condition
- Insufficient Typehint
- Typehint Must Be Returned
- Clone With Non-Object
- Check On __Call Usage
- Avoid option arrays in constructors
- Already Parents Trait
- Trait Not Found
- Casting Ternary
- Concat Empty String
- Concat And Addition
- No Append On Source
- Memoize MagicCall
- Unused Class Constant
- Infinite Recursion
- Null Or Boolean Arrays
- Dependant Abstract Classes
- Wrong Type Returned
- Overwritten Source And Value
- Avoid mb_dectect_encoding()
- array_key_exists() Works On Arrays
- Class Without Parent
- Scalar Are Not Arrays
- array_merge() And Variadic
- Implode() Arguments Order
- strip_tags() Skips Closed Tag
- No Spread For Hash
- Max Level Of Nesting
- Should Use Explode Args
- Use array_slice()
- Too Many Array Dimensions
- Coalesce And Concat
- Comparison Is Always The Same
- Incompatible Signature Methods With Covariance
- Interfaces Is Not Implemented
- No Literal For Reference
- Interfaces Don’t Ensure Properties
- Non Nullable Getters
- Too Many Dereferencing
- Can’t Implement Traversable
- Is_A() With String
- Mbstring Unknown Encoding
- Mbstring Third Arg
- Merge If Then
- Wrong Type With Call
- Not Equal Is Not !==
- Dont Collect Void
- Wrong Typed Property Default
- Hidden Nullable Typehint
- Fn Argument Variable Confusion
- Missing Abstract Method
- Undefined Constant Name
- Using Deprecated Method
- Cyclic References
- Double Object Assignation
- Wrong Argument Type
- Mismatch Properties Typehints
- No Need For Triple Equal
- Array_merge Needs Array Of Arrays
- Wrong Type For Native PHP Function
- Catch With Undefined Variable
- Swapped Arguments
- Different Argument Counts
- Unknown Parameter Name
- Missing Some Returntype
- Don’t Pollute Global Space
- Mismatch Parameter Name
- Multiple Declaration Of Strict_types
- Array_Fill() With Objects
- Modified Typed Parameter
- Assumptions
- Unsupported Types With Operators
- Wrong Attribute Configuration
- Cancelled Parameter
- Constant Typo Looks Like A Variable
- Array_Map() Passes By Value
- Missing __isset() Method
- Modify Immutable
- Only Container For Reference
- Cannot Use Static For Closure
- Only First Byte
- Inherited Property Type Must Match
- No Object As Index
- Htmlentities Using Default Flag
- Wrong Argument Name With PHP Function
- Duplicate Named Parameter
- PHP Native Class Type Compatibility
- Missing Attribute Attribute
- No Null For Native PHP Functions
- No Referenced Void
- PHP Native Interfaces and Return Type
- New Functions In PHP 8.1
- Never Keyword
- False To Array Conversion
- Float Conversion As Index
- Cannot Call Static Trait Method Directly
- Overwritten Foreach Var
- Recycled Variables
- Check Division By Zero
- Dont Reuse Foreach Source
- Unreachable Method
- Unfinished Object
- Undefined Enumcase
- Dont Add Seconds
- Use Constants As Returns
- Identical Variables In Foreach
- Cant Overwrite Final Constant
- Unsupported Operand Types
- version_compare Operator
- Do Not Cast To Int
- Could Be Spaceship
- Unused Enumeration Case
- Useless Null Coalesce
- Throw Raw Exceptions
- Implicit Conversion To Int
- Use Same Types For Comparisons
- Wrong Locale
- Parent Is Not Static
- No Magic Method For Enum
- No Readonly Assignation In Global
- Overload Existing Names
- Retyped Reference
- Wrong Type With Default
- Sprintf Format Compilation
- Invalid Date Scanning Format
- Same Name For Property And Method
- DateTimeImmutable Is Not Immutable
- No Default For Referenced Parameter
- Clone Constant
- Could Inject Param
- Unused Public Method
- Mbstring Unknown Encodings
- Coalesce And Ternary Operators Order
- Useless Assignation Of Promoted Property
- Empty Loop
- Useless Method
- Weak Type With Array
- No Empty String With explode()
- Double Checks
- strpos() With Integers
- Missing Assignation In Command
- No Valid Cast
- Misused Yield
- No Null For Index
- Useless Try
- Converted Exceptions
- Method Is Not An If
- Default Then Discard
- Identical Case In Switch
- StandaloneType True False Null
2.3.2.1. Specs¶
Short name | Analyze |
Available in | Entreprise Edition, Community Edition, Exakat Cloud |
Reports | Ambassador, Diplomat |
2.3.3. Appinfo¶
A set of rules that describes with PHP features is used in the code.
Total : 383 analysis
- Array Index
- Multidimensional Arrays
- PHP Arrays Index
- Classes Names
- Constant Definition
- Magic Methods
- Old Style Constructor
- Static Methods
- Static Properties
- Constants Usage
- Magic Constant Usage
- PHP Constant Usage
- Defined Exceptions
- Thrown Exceptions
- ext/apc
- ext/bcmath
- ext/bzip2
- ext/calendar
- ext/crypto
- ext/ctype
- ext/curl
- ext/date
- ext/dba
- ext/dom
- ext/enchant
- ext/exif
- ext/fileinfo
- ext/filter
- ext/ftp
- ext/gd
- ext/gmp
- ext/gnupgp
- ext/hash
- ext/iconv
- ext/json
- ext/ldap
- ext/libxml
- ext/mbstring
- ext/mcrypt
- ext/mongo
- ext/mssql
- ext/mysql
- ext/mysqli
- ext/odbc
- ext/openssl
- ext/pcre
- ext/pdo
- ext/pgsql
- ext/phar
- ext/posix
- ext/readline
- ext/reflection
- ext/sem
- ext/session
- ext/shmop
- ext/simplexml
- ext/snmp
- ext/soap
- ext/sockets
- ext/spl
- ext/sqlite
- ext/sqlite3
- ext/ssh2
- ext/standard
- ext/tidy
- ext/tokenizer
- ext/wddx
- ext/xdebug
- ext/xmlreader
- ext/xmlrpc
- ext/xmlwriter
- ext/xsl
- ext/yaml
- ext/zip
- ext/zlib
- Closures Glossary
- Functions Glossary
- Recursive Functions
- Redeclared PHP Functions
- Typehints
- Interfaces Names
- Aliases
- Namespaces Glossary
- Autoloading
- Goto Names
- __halt_compiler
- Incompilable Files
- Labels
- Throw
- Trigger Errors
- Caught Expressions
- Eval() Usage
- Exit() Usage
- @ Operator
- include_once() Usage
- Using Short Tags
- Binary Glossary
- Email Addresses
- Heredoc Delimiter Glossary
- Hexadecimal Glossary
- Md5 Strings
- Nowdoc Delimiter Glossary
- Octal Glossary
- URL List
- Variable References
- Static Variables
- Variables With Long Names
- Variable Variables
- Abstract Class Usage
- Abstract Methods Usage
- Clone Usage
- Variable Constants
- Redefined PHP Traits
- Traits Usage
- Trait Names
- PHP Alternative Syntax
- Short Syntax For Arrays
- inclusions
- ext/file
- ext/array
- ext/info
- ext/math
- $HTTP_RAW_POST_DATA Usage
- Assertions
- Cast Usage
- Function Subscripting
- Nested Loops
- <?= Usage
- ext/pcntl
- ext/redis
- ext/sqlsrv
- Ellipsis Usage
- ext/0mq
- ext/memcache
- ext/memcached
- Dynamic Function Call
- Has Variable Arguments
- Multiple Catch
- Dynamically Called Classes
- Conditioned Function
- Conditioned Constants
- Is Generator
- Try With Finally
- Dereferencing String And Arrays
- Constant Scalar Expressions
- ext/imagick
- ext/oci8
- ext/imap
- Overwritten Class Constants
- Dynamic Class Constant
- Dynamic Methodcall
- Dynamic New
- Dynamic Property
- Dynamic Classes
- Multiple Classes In One File
- File Uploads
- ext/intl
- Dynamic Code
- ext/pspell
- No Direct Access
- ext/opcache
- ext/expect
- ext/gettext
- Super Global Usage
- Global Usage
- Namespaces
- Deep Definitions
- File Is Not Definitions Only
- Usage Of class_alias()
- ext/apache
- ext/eaccelerator
- ext/fpm
- Resources Usage
- Shell Usage
- File Usage
- Mail Usage
- Dynamic Calls
- Test Class
- ext/dio
- ext/phalcon
- Composer Usage
- Composer’s autoload
- ext/apcu
- ext/trader
- ext/mailparse
- ext/mail
- Scalar Typehint Usage
- Return Typehint Usage
- ext/ob
- ext/geoip
- ext/event
- ext/amqp
- ext/gearman
- ext/com
- ext/gmagick
- ext/ibase
- ext/inotify
- ext/xdiff
- ext/ev
- ext/php-ast
- ext/xml
- ext/xhprof
- Else Usage
- Anonymous Classes
- Coalesce
- Directives Usage
- Global In Global
- ext/fann
- Use Web
- Use Cli
- Error Messages
- Php7 Relaxed Keyword
- ext/pecl_http
- Uses Environment
- Redefined Methods
- Is CLI Script
- PHP Bugfixes
- ext/tokyotyrant
- ext/v8js
- Yield Usage
- Yield From Usage
- Pear Usage
- ext/lua
- List With Keys
- ext/suhosin
- Can’t Disable Function
- Functions Using Reference
- List Short Syntax
- Use Nullable Type
- Multiple Exceptions Catch()
- ext/rar
- ext/nsapi
- ext/newt
- ext/ncurses
- Use Composer Lock
- String
- ext/mongodb
- Error_Log() Usage
- SQL queries
- ext/libsodium
- ext/ds
- Use Cookies
- Group Use Declaration
- ext/sphinx
- Try With Multiple Catch
- ext/grpc
- Use Browscap
- Use Debug
- PSR-16 Usage
- PSR-7 Usage
- PSR-6 Usage
- PSR-3 Usage
- PSR-11 Usage
- PSR-13 Usage
- ext/stats
- Dependency Injection
- Courier Anti-Pattern
- ext/gender
- ext/judy
- Yii usage
- Codeigniter usage
- Laravel usage
- Symfony usage
- Wordpress usage
- Ez cms usage
- Joomla usage
- Non Breakable Space In Names
- Multiple Functions Declarations
- swoole
- Manipulates NaN
- Manipulates INF
- Const Or Define
- strict_types Preference
- Declare strict_types Usage
- Encoding Usage
- Ticks Usage
- ext/xattr
- ext/rdkafka
- ext/fam
- ext/parle
- Regex Inventory
- Too Complex Expression
- Drupal Usage
- Phalcon Usage
- Fuel PHP Usage
- Argon2 Usage
- Crypto Usage
- Type Array Index
- Incoming Variable Index Inventory
- ext/vips
- Dl() Usage
- environment-variables
- ext/igbinary
- Fallback Function
- ext/hrtime
- ext/xxtea
- ext/uopz
- ext/varnish
- ext/opencensus
- ext/leveldb
- ext/db2
- ext/zookeeper
- ext/cmark
- Const Visibility Usage
- ext/eio
- ext/lzf
- ext/msgpack
- Case Insensitive Constants
- Handle Arrays With Callback
- Trailing Comma In Calls
- Can’t Disable Class
- ext/seaslog
- Pack Format Inventory
- Printf Format Inventory
- ext/decimal
- ext/psr
- ext/sdl
- ext/wasm
- Path lists
- Typed Property Usage
- ext/weakref
- ext/pcov
- Constant Dynamic Creation
- An OOP Factory
- PHP Overridden Function
- ext/svm
- ext/ffi
- ext/password
- ext/zend_monitor
- ext/uuid
- Numeric Literal Separator
- Use Covariance
- Use Contravariance
- Use Arrow Functions
- Spread Operator For Array
- Nested Ternary Without Parenthesis
- Typo 3 usage
- Concrete5 usage
- Immutable Signature
- Shell commands
- Links Between Parameter And Argument
- Php 8.0 Variable Syntax Tweaks
- Php 8.0 Only TypeHints
- Union Typehint
- Protocol lists
- Use PHP Attributes
- Use NullSafe Operator
- Use Closure Trailing Comma
- Class Overreach
- Final Constant
- Never Typehint Usage
- Named Parameter Usage
- First Class Callable
- Never Keyword
- Mixed Typehint Usage
- Nested Attributes
- New Initializers
- Promoted Properties
- Intersection Typehint
- Readonly Usage
- Use class_alias()
- ext/protobuf
- Constant Scalar Expression
- Sylius usage
- Extensions yar
- Excimer
- ext/pkcs11
- ext/spx
- Stomp
- ext/CSV
- Array Addition
- Ice framework
- Extensions/Exttaint
- Random extension
- Ip
- ext/scrypt
- ext/teds
- Geospatial
- Feast usage
- date() versus DateTime Preference
- Plus Plus Used On Strings
- Short Ternary
- Use DNF
2.3.3.1. Specs¶
Short name | Appinfo |
Available in | Entreprise Edition, Community Edition, Exakat Cloud |
Reports | Diplomat, Ambassador |
2.3.4. Attributes¶
This ruleset gathers all rules that rely on PHP 8.+ attributes.
Total : 4 analysis
2.3.4.1. Specs¶
Short name | Attributes |
Available in | Entreprise Edition, Exakat Cloud |
2.3.5. CE¶
This ruleset is the Community Edition list. It holds all the analysis that are in the community edition version of Exakat.
Total : 625 analysis
- Adding Zero
- Array Index
- Multidimensional Arrays
- Multiple Index Definition
- PHP Arrays Index
- Classes Names
- Constant Definition
- Magic Methods
- Forgotten Visibility
- Non Static Methods Called In A Static
- Old Style Constructor
- Static Methods
- Static Methods Called From Object
- Static Properties
- Constants With Strange Names
- Constants Usage
- Constants Names
- Magic Constant Usage
- PHP Constant Usage
- Defined Exceptions
- Thrown Exceptions
- ext/apc
- ext/bcmath
- ext/bzip2
- ext/calendar
- ext/crypto
- ext/ctype
- ext/curl
- ext/date
- ext/dba
- ext/dom
- ext/enchant
- ext/exif
- ext/fileinfo
- ext/filter
- ext/ftp
- ext/gd
- ext/gmp
- ext/gnupgp
- ext/hash
- ext/iconv
- ext/json
- ext/ldap
- ext/libxml
- ext/mbstring
- ext/mcrypt
- ext/mongo
- ext/mssql
- ext/mysql
- ext/mysqli
- ext/odbc
- ext/openssl
- ext/pcre
- ext/pdo
- ext/pgsql
- ext/phar
- ext/posix
- ext/readline
- ext/reflection
- ext/sem
- ext/session
- ext/shmop
- ext/simplexml
- ext/snmp
- ext/soap
- ext/sockets
- ext/spl
- ext/sqlite
- ext/sqlite3
- ext/ssh2
- ext/standard
- ext/tidy
- ext/tokenizer
- ext/wddx
- ext/xdebug
- ext/xmlreader
- ext/xmlrpc
- ext/xmlwriter
- ext/xsl
- ext/yaml
- ext/zip
- ext/zlib
- Closures Glossary
- Functions Glossary
- Recursive Functions
- Redeclared PHP Functions
- Typehints
- Interfaces Names
- Aliases
- Namespaces Glossary
- Autoloading
- Goto Names
- __halt_compiler
- Incompilable Files
- Labels
- Throw
- Trigger Errors
- Caught Expressions
- error_reporting() With Integers
- Eval() Usage
- Exit() Usage
- Forgotten Whitespace
- Multiply By One
- @ Operator
- Not Not
- include_once() Usage
- Using Short Tags
- Strpos()-like Comparison
- Throws An Assignement
- var_dump()… Usage
- Binary Glossary
- Email Addresses
- Heredoc Delimiter Glossary
- Hexadecimal Glossary
- Md5 Strings
- Nowdoc Delimiter Glossary
- Octal Glossary
- URL List
- Variable References
- Static Variables
- Variables With Long Names
- Variable Variables
- Abstract Class Usage
- Abstract Methods Usage
- Clone Usage
- Variable Constants
- Redefined PHP Traits
- Traits Usage
- Trait Names
- PHP Alternative Syntax
- Short Syntax For Arrays
- inclusions
- ext/file
- ext/array
- ext/info
- ext/math
- $HTTP_RAW_POST_DATA Usage
- Useless Instructions
- Multiple Constant Definition
- Wrong Optional Parameter
- Use === null
- Assertions
- One Variable String
- Cast Usage
- Function Subscripting
- Nested Loops
- <?= Usage
- Static Methods Can’t Contain $this
- While(List() = Each())
- Multiples Identical Case
- Switch Without Default
- Nested Ternary
- Undefined Constants
- Custom Constant Usage
- ext/pcntl
- ext/redis
- Is An Extension Function
- Is An Extension Interface
- Is An Extension Constant
- Htmlentities Calls
- Defined Class Constants
- Undefined Class Constants
- Used Once Variables (In Scope)
- Undefined Functions
- Deprecated PHP Functions
- Dangling Array References
- ext/sqlsrv
- Native Alias Functions Usage
- Uses Default Values
- Wrong Number Of Arguments
- Ellipsis Usage
- Use const
- ext/0mq
- ext/memcache
- ext/memcached
- Is Extension Trait
- Dynamic Function Call
- Has Variable Arguments
- Multiple Catch
- Dynamically Called Classes
- Conditioned Function
- Is Generator
- Try With Finally
- Dereferencing String And Arrays
- list() May Omit Variables
- Or Die
- Constant Scalar Expressions
- Exit-like Methods
- Must Return Methods
- ext/imagick
- ext/oci8
- Overwritten Exceptions
- Foreach Reference Is Not Modified
- ext/imap
- Overwritten Class Constants
- Dynamic Class Constant
- Dynamic Methodcall
- Dynamic New
- Dynamic Property
- Dynamic Classes
- Multiple Classes In One File
- File Uploads
- ext/intl
- Dynamic Code
- ext/pspell
- No Direct Access
- ext/opcache
- Is PHP Constant
- ext/expect
- Defined Properties
- Undefined Properties
- Has Magic Method
- ext/gettext
- Strict Comparison With Booleans
- Lone Blocks
- Super Global Usage
- Global Usage
- Logical Should Use Symbolic Operators
- Namespaces
- Deep Definitions
- Constant Class
- File Is Not Definitions Only
- Repeated print()
- Avoid Parenthesis With Language Construct
- Objects Don’t Need References
- No Real Comparison
- Usage Of class_alias()
- ext/apache
- ext/eaccelerator
- ext/fpm
- No Direct Call To Magic Method
- Useless Final
- Use Constant Instead Of Function
- Resources Usage
- Useless Unset
- No array_merge() In Loops
- Useless Parenthesis
- Shell Usage
- File Usage
- Mail Usage
- Dynamic Calls
- Use PHP Object API
- Altering Foreach Without Reference
- Test Class
- Use Pathinfo
- ext/dio
- No Parenthesis For Language Construct
- ext/phalcon
- Use Constant As Arguments
- Implied If
- Composer Usage
- Composer’s autoload
- Should Chain Exception
- Undefined Interfaces
- ext/apcu
- Should Use Prepared Statement
- Print And Die
- Unchecked Resources
- ext/trader
- ext/mailparse
- ext/mail
- Else If Versus Elseif
- Multiple Class Declarations
- Empty Namespace
- Could Use Short Assignation
- Scalar Typehint Usage
- Return Typehint Usage
- ext/ob
- Pre-increment
- ext/geoip
- ext/event
- ext/amqp
- ext/gearman
- ext/com
- ext/gmagick
- ext/ibase
- ext/inotify
- ext/xdiff
- ext/ev
- ext/php-ast
- ext/xml
- ext/xhprof
- Indices Are Int Or String
- Should Typecast
- Else Usage
- Avoid Substr() One
- Anonymous Classes
- Coalesce
- Directives Usage
- Useless Brackets
- preg_replace With Option e
- eval() Without Try
- Is Not Class Family
- Global In Global
- ext/fann
- Use Web
- Use Cli
- Avoid get_class()
- Silently Cast Integer
- Error Messages
- Timestamp Difference
- Php7 Relaxed Keyword
- ext/pecl_http
- Uses Environment
- Wrong Parameter Type
- Redefined Methods
- Redefined Class Constants
- Redefined Default
- Wrong fopen() Mode
- Is CLI Script
- PHP Bugfixes
- Negative Power
- Use random_int()
- Ternary In Concat
- ext/tokyotyrant
- ext/v8js
- Yield Usage
- Yield From Usage
- Pear Usage
- Undefined Trait
- Identical Conditions
- Unkown Regex Options
- No Choice
- Logical Mistakes
- ext/lua
- Same Conditions In Condition
- Return True False
- Could Use __DIR__
- Should Use Coalesce
- List With Keys
- If With Same Conditions
- ext/suhosin
- Throw Functioncall
- Can’t Disable Function
- Functions Using Reference
- Use Instanceof
- List Short Syntax
- Results May Be Missing
- Use Nullable Type
- Always Positive Comparison
- Multiple Exceptions Catch()
- Empty Blocks
- Throw In Destruct
- Use System Tmp
- Hidden Use Expression
- Should Make Alias
- Multiple Identical Trait Or Interface
- Multiple Alias Definitions
- Failed Substr Comparison
- Should Use Ternary Operator
- Drop Else After Return
- Use ::Class Operator
- ext/rar
- Don’t Echo Error
- Useless Type Casting
- No isset() With empty()
- Useless Check
- ext/nsapi
- ext/newt
- ext/ncurses
- Use Composer Lock
- String
- ext/mongodb
- Error_Log() Usage
- SQL queries
- ext/libsodium
- Multiple Alias Definitions Per File
- __DIR__ Then Slash
- ext/ds
- Use Cookies
- Group Use Declaration
- Repeated Regex
- No Class In Global
- Could Use str_repeat()
- Strings With Strange Space
- No Empty Regex
- ext/sphinx
- Try With Multiple Catch
- ext/grpc
- Use Browscap
- Use Debug
- No Reference On Left Side
- PSR-16 Usage
- PSR-7 Usage
- PSR-6 Usage
- PSR-3 Usage
- PSR-11 Usage
- PSR-13 Usage
- ext/stats
- Dependency Injection
- Courier Anti-Pattern
- ext/gender
- ext/judy
- Yii usage
- Codeigniter usage
- Laravel usage
- Symfony usage
- Wordpress usage
- Ez cms usage
- Joomla usage
- Non Breakable Space In Names
- Multiple Functions Declarations
- swoole
- Manipulates NaN
- Manipulates INF
- Const Or Define
- strict_types Preference
- Declare strict_types Usage
- Encoding Usage
- Ticks Usage
- Assign With And Precedence
- No Magic Method With Array
- ext/xattr
- ext/rdkafka
- ext/fam
- ext/parle
- Regex Inventory
- Is Actually Zero
- Unconditional Break In Loop
- Too Complex Expression
- Is A Magic Property
- Next Month Trap
- Printf Number Of Arguments
- Drupal Usage
- Phalcon Usage
- Fuel PHP Usage
- Argon2 Usage
- Crypto Usage
- Type Array Index
- Incoming Variable Index Inventory
- ext/vips
- Dl() Usage
- environment-variables
- Invalid Regex
- Same Variable Foreach
- ext/igbinary
- Identical On Both Sides
- No Reference For Ternary
- Unused Inherited Variable In Closure
- Fallback Function
- Useless Catch
- ext/hrtime
- ext/xxtea
- ext/uopz
- ext/varnish
- ext/opencensus
- ext/leveldb
- ext/db2
- Don’t Unset Properties
- Strtr Arguments
- Missing Parenthesis
- Callback Function Needs Return
- ext/zookeeper
- ext/cmark
- strpos() Too Much
- Typehinted References
- Check JSON
- ext/eio
- Undefined ::class
- ext/lzf
- ext/msgpack
- Case Insensitive Constants
- Handle Arrays With Callback
- Detect Current Class
- Trailing Comma In Calls
- Undefined Variable
- Undefined Insteadof
- Can’t Disable Class
- ext/seaslog
- Wrong Access Style to Property
- Invalid Pack Format
- Don’t Read And Write In One Expression
- Pack Format Inventory
- Printf Format Inventory
- idn_to_ascii() New Default
- ext/decimal
- ext/psr
- Should Yield With Key
- Useless Method Alias
- ext/sdl
- ext/wasm
- Path lists
- Possible Missing Subpattern
- Assign And Compare
- Typed Property Usage
- ext/weakref
- ext/pcov
- Constant Dynamic Creation
- PHP 8.0 Removed Functions
- PHP 8.0 Removed Constants
- An OOP Factory
- Typehint Must Be Returned
- Self-Transforming Variables
- Check On __Call Usage
- PHP Overridden Function
- ext/svm
- ext/ffi
- ext/password
- ext/zend_monitor
- ext/uuid
- Casting Ternary
- Concat And Addition
- New Functions In PHP 7.4
- curl_version() Has No Argument
- Php 7.4 New Classes
- New Constants In PHP 7.4
- Wrong Type Returned
- Methods That Should Not Be Used
- PHP 7.4 Removed Functions
- mb_strrpos() Third Argument
- array_key_exists() Works On Arrays
- Reflection Export() Is Deprecated
- Unbinding Closures
- Numeric Literal Separator
- Class Without Parent
- Scalar Are Not Arrays
- Create Compact Variables
- PHP 7.4 Reserved Keyword
- No More Curly Arrays
- Overwritten Properties
- Overwritten Constant
- Create Magic Property
- Set Parent Definition
- Make Class Constant Definition
- Follow Closure Definition
- PHP 7.4 Constant Deprecation
- Implode() Arguments Order
- PHP 7.4 Removed Directives
- Hash Algorithms Incompatible With PHP 7.4-
- openssl_random_pseudo_byte() Second Argument
- strip_tags() Skips Closed Tag
- Use Covariance
- Use Contravariance
- Set Array Class Definition
- Use Arrow Functions
- Environment Variable Usage
- Indentation Levels
- Spread Operator For Array
- Nested Ternary Without Parenthesis
- Cyclomatic Complexity
- Should Use Explode Args
- Use array_slice()
- Coalesce And Concat
- Interfaces Is Not Implemented
- No Literal For Reference
- Collect Literals
- Collect Parameter Counts
- Collect Local Variable Counts
- Dereferencing Levels
- Make Functioncall With Reference
- Foreach() Favorite
- Can’t Implement Traversable
- Is_A() With String
- Mbstring Unknown Encoding
- Collect Mbstring Encodings
- Filter To add_slashes()
- Mbstring Third Arg
- Typehinting Stats
- Typo 3 usage
- Concrete5 usage
- Immutable Signature
- Merge If Then
- Wrong Type With Call
- Shell commands
- inclusions
- Typehint Order
- New Order
- Links Between Parameter And Argument
- Collect Class Interface Counts
- Collect Class Depth
- Collect Class Children Count
- Not Equal Is Not !==
- Constant Order
- Php 8.0 Variable Syntax Tweaks
- New Functions In PHP 8.0
- Php 8.0 Only TypeHints
- Union Typehint
- Wrong Typed Property Default
- Signature Trailing Comma
- Throw Was An Expression
- Collect Property Counts
- Collect Method Counts
- Collect Class Constant Counts
- Could Be String
- Could Be Boolean
- Could Be Array Typehint
- Could Be CIT
- Protocol lists
- Type Could Be Integer
- Call Order
- Could Be Null
- Uses PHP 8 Match()
- Could Be Float
- Collect Parameter Names
- Wrong Type For Native PHP Function
- Fossilized Methods List
- Collect Static Class Changes
- Use PHP Attributes
- Use NullSafe Operator
- Use Closure Trailing Comma
- Unknown Parameter Name
- Missing Some Returntype
- Collect Variables
- Collect Global Variables
- Collect Readability
- Collect Definitions Statistics
- Collect Class Traits Counts
- Collect Native Calls Per Expressions
- Function With Dynamic Code
- Cast Unset Usage
- $php_errormsg Usage
- Mismatch Parameter Name
- Collect Files Dependencies
- Collect Atom Counts
- Collect Classes Dependencies
- Collect Php Structures
- Collect Use Counts
- PHP 8.0 Removed Directives
- Unsupported Types With Operators
- Negative Start Index In Array
- Nullable With Constant
- PHP 8.0 Resources Turned Into Objects
- PHP 80 Named Parameter Variadic
- Final Private Methods
- Array_Map() Passes By Value
2.3.5.1. Specs¶
Short name | CE |
Available in | Entreprise Edition, Exakat Cloud |
2.3.6. CI-checks¶
This ruleset is a collection of important rules to run in a CI pipeline.
Total : 178 analysis
- Adding Zero
- Multiple Index Definition
- Forgotten Visibility
- Non Static Methods Called In A Static
- Static Methods Called From Object
- Constants With Strange Names
- Redeclared PHP Functions
- error_reporting() With Integers
- Exit() Usage
- Forgotten Whitespace
- Multiply By One
- @ Operator
- Not Not
- Strpos()-like Comparison
- Throws An Assignement
- var_dump()… Usage
- Useless Instructions
- Multiple Constant Definition
- Wrong Optional Parameter
- Use === null
- One Variable String
- Static Methods Can’t Contain $this
- While(List() = Each())
- Multiples Identical Case
- Switch Without Default
- Nested Ternary
- Undefined Constants
- Htmlentities Calls
- Undefined Class Constants
- Undefined Functions
- Deprecated PHP Functions
- Dangling Array References
- Native Alias Functions Usage
- Uses Default Values
- Wrong Number Of Arguments
- Use const
- list() May Omit Variables
- Or Die
- Must Return Methods
- Overwritten Exceptions
- Foreach Reference Is Not Modified
- Undefined Properties
- Strict Comparison With Booleans
- Lone Blocks
- Logical Should Use Symbolic Operators
- Repeated print()
- Avoid Parenthesis With Language Construct
- Objects Don’t Need References
- No Real Comparison
- No Direct Call To Magic Method
- Useless Final
- Use Constant Instead Of Function
- Useless Unset
- No array_merge() In Loops
- Useless Parenthesis
- Use PHP Object API
- Altering Foreach Without Reference
- Use Pathinfo
- No Parenthesis For Language Construct
- Use Constant As Arguments
- Implied If
- Should Chain Exception
- Undefined Interfaces
- Should Use Prepared Statement
- Print And Die
- Unchecked Resources
- Else If Versus Elseif
- Multiple Class Declarations
- Empty Namespace
- Could Use Short Assignation
- Pre-increment
- Indices Are Int Or String
- Should Typecast
- Avoid Substr() One
- Useless Brackets
- preg_replace With Option e
- eval() Without Try
- Avoid get_class()
- Silently Cast Integer
- Timestamp Difference
- Wrong Parameter Type
- Redefined Class Constants
- Redefined Default
- Wrong fopen() Mode
- Negative Power
- Use random_int()
- Ternary In Concat
- Undefined Trait
- Identical Conditions
- No Choice
- Logical Mistakes
- Same Conditions In Condition
- Return True False
- Could Use __DIR__
- Should Use Coalesce
- If With Same Conditions
- Throw Functioncall
- Use Instanceof
- Results May Be Missing
- Always Positive Comparison
- Empty Blocks
- Throw In Destruct
- Use System Tmp
- Hidden Use Expression
- Should Make Alias
- Multiple Identical Trait Or Interface
- Multiple Alias Definitions
- Failed Substr Comparison
- Should Use Ternary Operator
- Drop Else After Return
- Use ::Class Operator
- Don’t Echo Error
- Useless Type Casting
- No isset() With empty()
- Useless Check
- Multiple Alias Definitions Per File
- __DIR__ Then Slash
- Repeated Regex
- No Class In Global
- Could Use str_repeat()
- Strings With Strange Space
- No Empty Regex
- No Reference On Left Side
- Assign With And Precedence
- No Magic Method With Array
- Is Actually Zero
- Unconditional Break In Loop
- Next Month Trap
- Printf Number Of Arguments
- Invalid Regex
- Same Variable Foreach
- Identical On Both Sides
- No Reference For Ternary
- Unused Inherited Variable In Closure
- Useless Catch
- Don’t Unset Properties
- Strtr Arguments
- Missing Parenthesis
- Callback Function Needs Return
- strpos() Too Much
- Typehinted References
- Check JSON
- Undefined ::class
- Undefined Variable
- Undefined Insteadof
- Wrong Access Style to Property
- Invalid Pack Format
- Should Yield With Key
- Useless Method Alias
- Possible Missing Subpattern
- Assign And Compare
- Typehint Must Be Returned
- Check On __Call Usage
- Casting Ternary
- Concat And Addition
- Wrong Type Returned
- Class Without Parent
- Scalar Are Not Arrays
- Implode() Arguments Order
- strip_tags() Skips Closed Tag
- Should Use Explode Args
- Use array_slice()
- Coalesce And Concat
- Interfaces Is Not Implemented
- No Literal For Reference
- Can’t Implement Traversable
- Is_A() With String
- Mbstring Unknown Encoding
- Mbstring Third Arg
- Merge If Then
- Wrong Type With Call
- Not Equal Is Not !==
- Wrong Typed Property Default
- Wrong Type For Native PHP Function
- Unknown Parameter Name
- Missing Some Returntype
- Htmlentities Using Default Flag
- Wrong Argument Name With PHP Function
2.3.6.1. Specs¶
Short name | CI-checks |
Available in | Entreprise Edition, Exakat Cloud |
2.3.7. Changed Behavior¶
Ruleset with all rules that identify changed behavior across PHP versions. This means that some syntax behave differently, depending on PHP version.
Total : 52 analysis
- $HTTP_RAW_POST_DATA Usage
- Wrong Optional Parameter
- Closure May Use $this
- crypt() Without Salt
- Parent, Static Or Self Outside Class
- Empty With Expression
- Constant Scalar Expressions
- Undefined Properties
- Methodcall On New
- Reserved Keywords In PHP 7
- Scalar Typehint Usage
- Return Typehint Usage
- isset() With Constant
- List With Appends
- Simple Global Variable
- Foreach Don’t Change Pointer
- Unicode Escape Partial
- eval() Without Try
- Usort Sorting In PHP 7.0
- func_get_arg() Modified
- Php7 Relaxed Keyword
- set_exception_handler() Warning
- Using $this Outside A Class
- List With Keys
- PHP 7.1 Microseconds
- No String With Append
- PHP 7.3 Last Empty Argument
- Assert Function Is Reserved
- No Reference For Static Property
- Concat And Addition
- curl_version() Has No Argument
- Null Or Boolean Arrays
- mb_strrpos() Third Argument
- Reflection Export() Is Deprecated
- Class Without Parent
- Implode() Arguments Order
- Throw Was An Expression
- $php_errormsg Usage
- Negative Start Index In Array
- Only First Byte
- Restrict Global Usage
- Inherited Static Variable
- Htmlentities Using Default Flag
- Never Keyword
- Nested Attributes
- Cant Overload Constants
- String Int Comparison
- PHP 8.1 Resources Turned Into Objects
- No Private Abstract Method In Trait
- No Max On Empty Array
- No Empty String With explode()
- strpos() With Integers
2.3.7.1. Specs¶
Short name | ChangedBehavior |
Available in | Entreprise Edition, Community Edition, Exakat Cloud |
2.3.8. Class Review¶
This ruleset focuses on classes construction issues, and their related structures : traits, interfaces, methods, properties, constants.
Total : 89 analysis
- Final Class Usage
- Final Methods Usage
- Classes Mutually Extending Each Other
- Could Use self
- Constant Class
- Redefined Property
- Useless Interfaces
- Could Be Class Constant
- Could Be Static
- No Self Referencing Constant
- Property Could Be Private
- Redefined Methods
- Class Should Be Final By Ocramius
- Could Be Protected Property
- Raised Access Level
- Could Be Private Class Constant
- Could Be Protected Class Constant
- Method Could Be Private Method
- Could Be Protected Method
- Property Could Be Local
- Could Be Abstract Class
- Class Could Be Final
- Wrong Access Style to Property
- Unreachable Class Constant
- Avoid Self In Interface
- Self Using Trait
- Method Could Be Static
- Avoid option arrays in constructors
- Memoize MagicCall
- Unused Class Constant
- Dependant Abstract Classes
- Wrong Type Returned
- Disconnected Classes
- Class Without Parent
- Interfaces Is Not Implemented
- Interfaces Don’t Ensure Properties
- Non Nullable Getters
- Insufficient Property Typehint
- Exceeding Typehint
- Nullable Without Check
- Fossilized Method
- Uninitialized Property
- Wrong Typed Property Default
- Hidden Nullable Typehint
- Missing Abstract Method
- Unused Trait In Class
- Cyclic References
- Double Object Assignation
- Mismatch Properties Typehints
- Different Argument Counts
- Could Be Parent Method
- Cancel Common Method
- Modified Typed Parameter
- Useless Typehint
- Could Be Stringable
- Final Private Methods
- Missing __isset() Method
- No Static Variable In A Method
- Inherited Property Type Must Match
- Abstract Class Constants
- Missing Visibility
- Unreachable Method
- Undefined Methods
- Unfinished Object
- Undefined Enumcase
- Cant Overwrite Final Constant
- No Constructor In Interface
- Lowered Access Level
- Used Once Trait
- Parent Is Not Static
- No Magic Method For Enum
- No Readonly Assignation In Global
- Could Set Property Default
- Wrong Type With Default
- Same Name For Property And Method
- Magic Method Returntype Is Restricted
- Could Inject Param
- Set Chaining Exception
- Useless Assignation Of Promoted Property
- Type Dodging
- Class Could Be Readonly
- Class Invasion
- Property Invasion
- Different Constructors
- Sidelined Method
- Rewrote Final Class Constant
- Useless Constant Overwrite
- Incompatible Property Between Class And Trait
- Static Call With Self
2.3.8.1. Specs¶
Short name | ClassReview |
Available in | Entreprise Edition, Exakat Cloud |
2.3.9. Classdependencies¶
This ruleset list all dependencies between classes : heritage and type.
Total : 1 analysis
2.3.9.1. Specs¶
Short name | Classdependencies |
Available in | Entreprise Edition, Exakat Cloud |
Reports | report-classdependencies |
2.3.10. Coding conventions¶
This ruleset centralizes all analysis related to coding conventions. Sometimes, those are easy to extract with static analysis, and so here they are. No all o them are available.
Total : 28 analysis
- No Plus One
- All Uppercase Variables
- Use With Fully Qualified Name
- Non-lowercase Keywords
- Echo Or Print
- Constant Comparison
- Close Tags
- One Letter Functions
- Wrong Class Name Case
- Bracketless Blocks
- Use const
- Unusual Case For PHP Functions
- Interpolation
- Empty Slots In Arrays
- Multiple Classes In One File
- Return With Parenthesis
- Should Be Single Quote
- Yoda Comparison
- Mixed Concat And Interpolation
- Order Of Declaration
- Heredoc Delimiter
- Mistaken Concatenation
- Don’t Be Too Manual
- Similar Integers
- Wrong Function Name Case
- Wrong Case Namespaces
- Wrong Typehinted Name
- Multiple Property Declaration On One Line
2.3.10.1. Specs¶
Short name | Coding Conventions |
Available in | Entreprise Edition, Exakat Cloud |
2.3.11. CompatibilityPHP53¶
This ruleset centralizes all analysis for the migration from PHP 5.2 to 5.3.
Total : 87 analysis
- Non Static Methods Called In A Static
- ext/dba
- Use Lower Case For Parent, Static And Self
- Break With 0
- Binary Glossary
- Malformed Octal
- Short Syntax For Arrays
- New Functions In PHP 5.4
- New Functions In PHP 5.5
- New Functions In PHP 5.6
- Multiple Definition Of The Same Argument
- Function Subscripting
- Closure May Use $this
- Switch With Too Many Default
- Ellipsis Usage
- Exponent Usage
- Dereferencing String And Arrays
- class
- Foreach With list()
- Use Const And Functions
- Constant Scalar Expressions
- __debugInfo() Usage
- Mixed Keys Arrays
- Const With Array
- Methodcall On New
- Hash Algorithms Incompatible With PHP 5.3
- Class Const With Array
- Variable Global
- Null On New
- isset() With Constant
- Anonymous Classes
- Unicode Escape Syntax
- New Functions In PHP 7.0
- PHP 7.0 New Classes
- PHP 7.0 New Interfaces
- Parenthesis As Parameter
- PHP5 Indirect Variable Expression
- Php 7 Indirect Expression
- Unicode Escape Partial
- Define With Array
- No List With String
- PHP7 Dirname
- Php7 Relaxed Keyword
- Cant Use Return Value In Write Context
- Php 7.1 New Class
- List With Keys
- List Short Syntax
- Use Nullable Type
- Multiple Exceptions Catch()
- No String With Append
- Group Use Declaration
- New Functions In PHP 7.3
- Cant Inherit Abstract Method
- Group Use Trailing Comma
- Child Class Removes Typehint
- No Substr Minus One
- Integer As Property
- No get_class() With Null
- Php 7.2 New Class
- List With Reference
- PHP 7.3 Last Empty Argument
- Flexible Heredoc
- Const Visibility Usage
- Hash Algorithms Incompatible With PHP 7.1-
- PHP 7.0 Scalar Typehints
- PHP 7.1 Scalar Typehints
- PHP 7.2 Scalar Typehints
- Continue Is For Loop
- Trailing Comma In Calls
- Direct Call To __clone()
- No Return For Generator
- No Reference For Static Property
- Typed Property Usage
- Concat And Addition
- Unpacking Inside Arrays
- Generator Cannot Return
- Coalesce Equal
- Enum Usage
- $FILES full_path
- Never Typehint Usage
- PHP 8.1 Typehints
- PHP 8.0 Typehints
- Named Parameter Usage
- Cant Overload Constants
- Constant Scalar Expression
- No Private Abstract Method In Trait
- Clone Constant
2.3.11.1. Specs¶
Short name | CompatibilityPHP53 |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Ambassador |
2.3.12. CompatibilityPHP54¶
This ruleset centralizes all analysis for the migration from PHP 5.3 to 5.4.
Total : 84 analysis
- Non Static Methods Called In A Static
- Use Lower Case For Parent, Static And Self
- Functions Removed In PHP 5.4
- Break With Non Integer
- Calltime Pass By Reference
- Malformed Octal
- New Functions In PHP 5.5
- New Functions In PHP 5.6
- Multiple Definition Of The Same Argument
- Switch With Too Many Default
- crypt() Without Salt
- Ellipsis Usage
- Exponent Usage
- Dereferencing String And Arrays
- class
- Foreach With list()
- Use Const And Functions
- Constant Scalar Expressions
- __debugInfo() Usage
- Mixed Keys Arrays
- Const With Array
- Hash Algorithms Incompatible With PHP 5.3
- Hash Algorithms Incompatible With PHP 5.4/5.5
- Class Const With Array
- Variable Global
- Null On New
- isset() With Constant
- Anonymous Classes
- Unicode Escape Syntax
- New Functions In PHP 7.0
- PHP 7.0 New Classes
- PHP 7.0 New Interfaces
- Parenthesis As Parameter
- PHP5 Indirect Variable Expression
- Php 7 Indirect Expression
- Unicode Escape Partial
- Define With Array
- No List With String
- PHP7 Dirname
- Php7 Relaxed Keyword
- Cant Use Return Value In Write Context
- Php 7.1 New Class
- List With Keys
- List Short Syntax
- Use Nullable Type
- Multiple Exceptions Catch()
- No String With Append
- Group Use Declaration
- New Functions In PHP 7.3
- Cant Inherit Abstract Method
- Group Use Trailing Comma
- Child Class Removes Typehint
- No Substr Minus One
- Integer As Property
- No get_class() With Null
- Php 7.2 New Class
- List With Reference
- PHP 7.3 Last Empty Argument
- Flexible Heredoc
- Const Visibility Usage
- Hash Algorithms Incompatible With PHP 7.1-
- PHP 7.0 Scalar Typehints
- PHP 7.1 Scalar Typehints
- PHP 7.2 Scalar Typehints
- Continue Is For Loop
- Trailing Comma In Calls
- Direct Call To __clone()
- No Return For Generator
- No Reference For Static Property
- Typed Property Usage
- Concat And Addition
- Unpacking Inside Arrays
- Generator Cannot Return
- Coalesce Equal
- Enum Usage
- $FILES full_path
- Never Typehint Usage
- PHP 8.1 Typehints
- PHP 8.0 Typehints
- Named Parameter Usage
- Cant Overload Constants
- Constant Scalar Expression
- No Private Abstract Method In Trait
- Clone Constant
2.3.12.1. Specs¶
Short name | CompatibilityPHP54 |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Ambassador |
2.3.13. CompatibilityPHP55¶
This ruleset centralizes all analysis for the migration from PHP 5.4 to 5.5.
Total : 77 analysis
- Non Static Methods Called In A Static
- ext/apc
- ext/mysql
- Functions Removed In PHP 5.5
- Malformed Octal
- New Functions In PHP 5.6
- Multiple Definition Of The Same Argument
- Switch With Too Many Default
- Ellipsis Usage
- Exponent Usage
- Use password_hash()
- Use Const And Functions
- Constant Scalar Expressions
- __debugInfo() Usage
- Const With Array
- Hash Algorithms Incompatible With PHP 5.3
- Hash Algorithms Incompatible With PHP 5.4/5.5
- Class Const With Array
- Variable Global
- Null On New
- isset() With Constant
- Anonymous Classes
- Unicode Escape Syntax
- New Functions In PHP 7.0
- PHP 7.0 New Classes
- PHP 7.0 New Interfaces
- Parenthesis As Parameter
- PHP5 Indirect Variable Expression
- Php 7 Indirect Expression
- Unicode Escape Partial
- Define With Array
- No List With String
- PHP7 Dirname
- Php7 Relaxed Keyword
- Php 7.1 New Class
- List With Keys
- List Short Syntax
- Use Nullable Type
- Multiple Exceptions Catch()
- No String With Append
- Group Use Declaration
- New Functions In PHP 7.3
- Cant Inherit Abstract Method
- Group Use Trailing Comma
- Child Class Removes Typehint
- No Substr Minus One
- Integer As Property
- No get_class() With Null
- Php 7.2 New Class
- List With Reference
- PHP 7.3 Last Empty Argument
- Flexible Heredoc
- Const Visibility Usage
- Hash Algorithms Incompatible With PHP 7.1-
- PHP 7.0 Scalar Typehints
- PHP 7.1 Scalar Typehints
- PHP 7.2 Scalar Typehints
- Continue Is For Loop
- Trailing Comma In Calls
- Direct Call To __clone()
- No Return For Generator
- No Reference For Static Property
- Typed Property Usage
- Concat And Addition
- Unpacking Inside Arrays
- Generator Cannot Return
- Coalesce Equal
- Enum Usage
- $FILES full_path
- Never Typehint Usage
- PHP 8.1 Typehints
- PHP 8.0 Typehints
- Named Parameter Usage
- Cant Overload Constants
- Constant Scalar Expression
- No Private Abstract Method In Trait
- Clone Constant
2.3.13.1. Specs¶
Short name | CompatibilityPHP55 |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Ambassador |
2.3.14. CompatibilityPHP56¶
This ruleset centralizes all analysis for the migration from PHP 5.5 to 5.6.
Total : 67 analysis
- Non Static Methods Called In A Static
- Malformed Octal
- $HTTP_RAW_POST_DATA Usage
- Multiple Definition Of The Same Argument
- Switch With Too Many Default
- Hash Algorithms Incompatible With PHP 5.3
- Hash Algorithms Incompatible With PHP 5.4/5.5
- Variable Global
- Null On New
- isset() With Constant
- Anonymous Classes
- Unicode Escape Syntax
- New Functions In PHP 7.0
- PHP 7.0 New Classes
- PHP 7.0 New Interfaces
- Parenthesis As Parameter
- PHP5 Indirect Variable Expression
- Php 7 Indirect Expression
- Unicode Escape Partial
- Define With Array
- No List With String
- PHP7 Dirname
- Php7 Relaxed Keyword
- Php 7.1 New Class
- List With Keys
- List Short Syntax
- Use Nullable Type
- Multiple Exceptions Catch()
- No String With Append
- Group Use Declaration
- New Functions In PHP 7.3
- Cant Inherit Abstract Method
- Group Use Trailing Comma
- Child Class Removes Typehint
- No Substr Minus One
- Integer As Property
- No get_class() With Null
- Php 7.2 New Class
- List With Reference
- PHP 7.3 Last Empty Argument
- Flexible Heredoc
- Const Visibility Usage
- Hash Algorithms Incompatible With PHP 7.1-
- PHP 7.0 Scalar Typehints
- PHP 7.1 Scalar Typehints
- PHP 7.2 Scalar Typehints
- Continue Is For Loop
- Trailing Comma In Calls
- Direct Call To __clone()
- No Return For Generator
- No Reference For Static Property
- Typed Property Usage
- Concat And Addition
- Unpacking Inside Arrays
- Generator Cannot Return
- Coalesce Equal
- Php 8.0 Only TypeHints
- Enum Usage
- $FILES full_path
- Never Typehint Usage
- PHP 8.1 Typehints
- PHP 8.0 Typehints
- Named Parameter Usage
- Cant Overload Constants
- Constant Scalar Expression
- No Private Abstract Method In Trait
- Clone Constant
2.3.14.1. Specs¶
Short name | CompatibilityPHP56 |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Ambassador |
2.3.15. CompatibilityPHP70¶
This ruleset centralizes all analysis for the migration from PHP 5.6 to 7.0.
Total : 58 analysis
- mcrypt_create_iv() With Default Values
- Magic Visibility
- Hash Algorithms Incompatible With PHP 5.3
- Hash Algorithms Incompatible With PHP 5.4/5.5
- Reserved Keywords In PHP 7
- Break Outside Loop
- PHP 7.0 Removed Functions
- Empty List
- List With Appends
- Simple Global Variable
- Foreach Don’t Change Pointer
- Php 7 Indirect Expression
- PHP 7.0 Removed Directives
- preg_replace With Option e
- Setlocale() Uses Constants
- Usort Sorting In PHP 7.0
- Hexadecimal In String
- func_get_arg() Modified
- set_exception_handler() Warning
- Php 7.1 New Class
- List With Keys
- List Short Syntax
- Use Nullable Type
- Multiple Exceptions Catch()
- New Functions In PHP 7.3
- Cant Inherit Abstract Method
- Group Use Trailing Comma
- Child Class Removes Typehint
- No Substr Minus One
- Integer As Property
- No get_class() With Null
- Php 7.2 New Class
- List With Reference
- PHP 7.3 Last Empty Argument
- Flexible Heredoc
- Const Visibility Usage
- Hash Algorithms Incompatible With PHP 7.1-
- PHP 7.1 Scalar Typehints
- PHP 7.2 Scalar Typehints
- Continue Is For Loop
- Trailing Comma In Calls
- No Reference For Static Property
- Typed Property Usage
- Concat And Addition
- Unpacking Inside Arrays
- Coalesce Equal
- Php 8.0 Only TypeHints
- Union Typehint
- Enum Usage
- $FILES full_path
- Final Constant
- Never Typehint Usage
- PHP 8.1 Typehints
- PHP 8.0 Typehints
- Named Parameter Usage
- Cant Overload Constants
- No Private Abstract Method In Trait
- Clone Constant
2.3.15.1. Specs¶
Short name | CompatibilityPHP70 |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Ambassador |
2.3.16. CompatibilityPHP71¶
This ruleset centralizes all analysis for the migration from PHP 7.0 to 7.1.
Total : 48 analysis
- ext/mcrypt
- Hash Algorithms Incompatible With PHP 5.3
- Hash Algorithms Incompatible With PHP 5.4/5.5
- Avoid Substr() One
- PHP 7.0 Removed Functions
- PHP 7.0 Removed Directives
- preg_replace With Option e
- Hexadecimal In String
- Use random_int()
- Using $this Outside A Class
- PHP 7.1 Removed Directives
- New Functions In PHP 7.1
- PHP 7.1 Microseconds
- Invalid Octal In String
- New Functions In PHP 7.3
- Cant Inherit Abstract Method
- Group Use Trailing Comma
- Child Class Removes Typehint
- Integer As Property
- No get_class() With Null
- Php 7.2 New Class
- List With Reference
- PHP 7.3 Last Empty Argument
- Flexible Heredoc
- PHP 7.2 Scalar Typehints
- Continue Is For Loop
- Trailing Comma In Calls
- No Reference For Static Property
- Typed Property Usage
- String Initialization
- Concat And Addition
- Unpacking Inside Arrays
- Coalesce Equal
- Php 8.0 Only TypeHints
- Union Typehint
- Signature Trailing Comma
- Enum Usage
- $FILES full_path
- Final Constant
- Never Typehint Usage
- PHP 8.1 Typehints
- PHP 8.0 Typehints
- Named Parameter Usage
- Cant Overload Constants
- array_merge With Ellipsis
- No Private Abstract Method In Trait
- Clone Constant
- No Keyword In Namespace
2.3.16.1. Specs¶
Short name | CompatibilityPHP71 |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Ambassador |
2.3.17. CompatibilityPHP72¶
This ruleset centralizes all analysis for the migration from PHP 7.1 to 7.2.
Total : 41 analysis
- Undefined Constants
- Hash Algorithms Incompatible With PHP 5.3
- Hash Algorithms Incompatible With PHP 5.4/5.5
- preg_replace With Option e
- PHP 7.2 Deprecations
- PHP 7.2 Removed Functions
- New Functions In PHP 7.2
- New Constants In PHP 7.2
- New Functions In PHP 7.3
- PHP 7.2 Object Keyword
- No get_class() With Null
- Php 7.2 New Class
- Avoid set_error_handler $context Argument
- Hash Will Use Objects
- Can’t Count Non-Countable
- List With Reference
- PHP 7.3 Last Empty Argument
- Flexible Heredoc
- Continue Is For Loop
- Trailing Comma In Calls
- No Reference For Static Property
- Typed Property Usage
- Concat And Addition
- Unpacking Inside Arrays
- Coalesce Equal
- Php 8.0 Only TypeHints
- Union Typehint
- Signature Trailing Comma
- Throw Was An Expression
- Enum Usage
- $FILES full_path
- Final Constant
- Never Typehint Usage
- PHP 8.1 Typehints
- PHP 8.0 Typehints
- Named Parameter Usage
- Cant Overload Constants
- array_merge With Ellipsis
- No Private Abstract Method In Trait
- Clone Constant
- No Keyword In Namespace
2.3.17.1. Specs¶
Short name | CompatibilityPHP72 |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Ambassador |
2.3.18. CompatibilityPHP73¶
This ruleset centralizes all analysis for the migration from PHP 7.2 to 7.3.
Total : 32 analysis
- New Functions In PHP 7.3
- Unknown Pcre2 Option
- Nonexistent Variable In compact()
- Case Insensitive Constants
- Assert Function Is Reserved
- Continue Is For Loop
- PHP 7.3 Removed Functions
- Don’t Read And Write In One Expression
- Typed Property Usage
- Concat And Addition
- Unpacking Inside Arrays
- Numeric Literal Separator
- PHP 74 New Directives
- Coalesce Equal
- Php 8.0 Only TypeHints
- Union Typehint
- Signature Trailing Comma
- Throw Was An Expression
- Enum Usage
- $FILES full_path
- Final Constant
- Never Typehint Usage
- PHP 8.1 Typehints
- PHP 8.0 Typehints
- Named Parameter Usage
- Nested Attributes
- New Initializers
- Cant Overload Constants
- array_merge With Ellipsis
- No Private Abstract Method In Trait
- Clone Constant
- No Keyword In Namespace
2.3.18.1. Specs¶
Short name | CompatibilityPHP73 |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Ambassador |
2.3.19. CompatibilityPHP74¶
This ruleset centralizes all analysis for the migration from PHP 7.3 to 7.4.
Total : 43 analysis
- Detect Current Class
- Don’t Read And Write In One Expression
- idn_to_ascii() New Default
- Concat And Addition
- New Functions In PHP 7.4
- curl_version() Has No Argument
- Php 7.4 New Classes
- New Constants In PHP 7.4
- PHP 7.4 Removed Functions
- mb_strrpos() Third Argument
- array_key_exists() Works On Arrays
- Reflection Export() Is Deprecated
- Unbinding Closures
- Scalar Are Not Arrays
- PHP 7.4 Reserved Keyword
- No More Curly Arrays
- PHP 7.4 Constant Deprecation
- PHP 7.4 Removed Directives
- Hash Algorithms Incompatible With PHP 7.4-
- openssl_random_pseudo_byte() Second Argument
- Nested Ternary Without Parenthesis
- Filter To add_slashes()
- Php 8.0 Variable Syntax Tweaks
- New Functions In PHP 8.0
- Php 8.0 Only TypeHints
- Union Typehint
- Signature Trailing Comma
- Throw Was An Expression
- Uses PHP 8 Match()
- Avoid get_object_vars()
- Enum Usage
- $FILES full_path
- Final Constant
- Never Typehint Usage
- PHP 8.1 Typehints
- PHP 8.0 Typehints
- Named Parameter Usage
- Nested Attributes
- New Initializers
- Cant Overload Constants
- No Private Abstract Method In Trait
- Clone Constant
- No Keyword In Namespace
2.3.19.1. Specs¶
Short name | CompatibilityPHP74 |
Available in | Entreprise Edition, Community Edition, Exakat Cloud |
Reports | Diplomat, Ambassador |
2.3.20. CompatibilityPHP80¶
This ruleset centralizes all analysis for the migration from PHP 7.4 to 8.0.
Total : 33 analysis
- Old Style Constructor
- Wrong Optional Parameter
- PHP 8.0 Removed Functions
- PHP 8.0 Removed Constants
- Concat And Addition
- PHP 7.4 Removed Directives
- Cast Unset Usage
- $php_errormsg Usage
- Mismatch Parameter Name
- PHP 8.0 Removed Directives
- Unsupported Types With Operators
- Negative Start Index In Array
- Nullable With Constant
- PHP 8.0 Resources Turned Into Objects
- PHP 80 Named Parameter Variadic
- Final Private Methods
- Array_Map() Passes By Value
- Reserved Match Keyword
- Avoid get_object_vars()
- Enum Usage
- Final Constant
- Never Typehint Usage
- PHP 8.1 Typehints
- Mixed Keyword
- Nested Attributes
- New Initializers
- Cant Overload Constants
- String Int Comparison
- PHP 8.1 Resources Turned Into Objects
- Clone Constant
- Named Argument And Variadic
- Multiple Type Cases In Switch
- No Max On Empty Array
2.3.20.1. Specs¶
Short name | CompatibilityPHP80 |
Available in | Entreprise Edition, Community Edition, Exakat Cloud |
Reports | Diplomat, Ambassador |
2.3.21. CompatibilityPHP81¶
This ruleset centralizes all analysis for the migration from PHP 8.0 to 8.1.
Total : 21 analysis
- PHP 7.4 Removed Directives
- PHP 8.0 Removed Directives
- Restrict Global Usage
- Inherited Static Variable
- PHP 8.1 Removed Directives
- Openssl Encrypt Default Algorithm Change
- PHP 8.1 Removed Constants
- PHP Native Class Type Compatibility
- No Null For Native PHP Functions
- Calling Static Trait Method
- No Referenced Void
- PHP Native Interfaces and Return Type
- New Functions In PHP 8.1
- PHP 8.1 Removed Functions
- Never Keyword
- Mixed Keyword
- False To Array Conversion
- Float Conversion As Index
- Cannot Call Static Trait Method Directly
- version_compare Operator
- Named Argument And Variadic
2.3.21.1. Specs¶
Short name | CompatibilityPHP81 |
Available in | Entreprise Edition, Community Edition, Exakat Cloud |
Reports | Diplomat, Ambassador |
2.3.22. CompatibilityPHP82¶
This ruleset centralizes all analysis for the migration from PHP 8.1 to 8.2.
Total : 13 analysis
- Undefined Properties
- False To Array Conversion
- Float Conversion As Index
- Cannot Call Static Trait Method Directly
- Deprecated Callable
- Checks Property Existence
- Extends stdClass
- version_compare Operator
- Dollar Curly Interpolation Is Deprecated
- Utf8 Encode And Decode Are Deprecated
- New Functions In PHP 8.2
- Deprecated Mb_string Encodings
- Constants In Traits
2.3.22.1. Specs¶
Short name | CompatibilityPHP82 |
Available in | Entreprise Edition, Community Edition, Exakat Cloud |
Reports | Diplomat, Ambassador |
2.3.23. CompatibilityPHP83¶
This ruleset centralizes all analysis for the migration from PHP 8.2 to 8.3.
Total : 3 analysis
2.3.23.1. Specs¶
Short name | CompatibilityPHP83 |
Available in | Entreprise Edition, Community Edition, Exakat Cloud |
Reports | Diplomat, Ambassador |
2.3.24. Dead code¶
This ruleset focuses on dead code : expressions or even structures that are written, valid but never used.
Total : 31 analysis
- Empty Traits
- Unused Use
- Unused Private Properties
- Unused Private Methods
- Unused Functions
- Unused Constants
- Unreachable Code
- Empty Instructions
- Unused Methods
- Unused Classes
- Locally Unused Property
- Unresolved Instanceof
- Unthrown Exception
- Unused Label
- Unused Interfaces
- Unresolved Catch
- Unset In Foreach
- Empty Namespace
- Can’t Extend Final
- Exception Order
- Undefined Caught Exceptions
- Unused Protected Methods
- Unused Returned Value
- Rethrown Exceptions
- Unused Inherited Variable In Closure
- Self Using Trait
- Useless Type Check
- Unreachable Method
- Identical Elseif
- Use Variable Created Inside Loop
- Unused Enumeration Case
2.3.24.1. Specs¶
Short name | Dead code |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Ambassador, Rector |
2.3.25. Deprecated¶
This ruleset centralizes all analysis that are marked as ‘deprecated feature’ for some versions.
For example :
- Php/NestedTernaryWithoutParenthesis : deprecated PHP 7.4, removed PHP 8.0
- Php/NoMoreCurlyArrays : deprecated PHP 7.4, removed PHP 8.0
- Classes/NoParent : deprecated PHP 7.4, removed PHP 8.0
- Php/Php74RemovedDirective : deprecated PHP 7.4, removed PHP 8.0
- Php/ArrayKeyExistsWithObjects : deprecated PHP 7.4, removed PHP 8.0
Total : 8 analysis
- Is An Extension Function
- Case Insensitive Constants
- Assert Function Is Reserved
- Nested Ternary Without Parenthesis
- No Null For Native PHP Functions
- Calling Static Trait Method
- No Referenced Void
- PHP Native Interfaces and Return Type
2.3.25.1. Specs¶
Short name | Deprecated |
Available in | Entreprise Edition, Exakat Cloud |
2.3.26. Dump¶
This ruleset collects various names given to different structures in the code : for example, variables, classes, methods, constants, etc. It also collects networks of data, like file inclusion or external dependencies.
Total : 53 analysis
- Caught Exceptions
- Environment Variable Usage
- Indentation Levels
- Cyclomatic Complexity
- Collect Literals
- Collect Parameter Counts
- Collect Local Variable Counts
- Dereferencing Levels
- Foreach() Favorite
- Collect Mbstring Encodings
- Typehinting Stats
- inclusions
- Typehint Order
- New Order
- Collect Class Interface Counts
- Collect Class Depth
- Collect Class Children Count
- Constant Order
- Collect Property Counts
- Collect Method Counts
- Collect Class Constant Counts
- Call Order
- Collect Parameter Names
- Fossilized Methods List
- Collect Static Class Changes
- Collect Variables
- Collect Global Variables
- Collect Readability
- Collect Definitions Statistics
- Collect Class Traits Counts
- Collect Native Calls Per Expressions
- Collect Files Dependencies
- Collect Atom Counts
- Collect Classes Dependencies
- Collect Php Structures
- Collect Use Counts
- Collect Block Size
- Collect Dependency Extension
- Public Reach To Private Methods
- Could Be A Constant
- Collect Stub Structures
- Collect Vendor Structures
- Collect Calls
- Collect SetLocale
- Argument Counts Per Calls
- Collect Throw Calls
- Collect Compared Literals
- Comparison On Different Types
- Collects Names
- Class Injection Count
- Collect Property Usage
- Collect Structures
- Collect Catch Calls
2.3.26.1. Specs¶
Short name | Dump |
Available in | Entreprise Edition, Community Edition, Exakat Cloud |
Reports |
2.3.27. First¶
A set of rules that are always run at the beginning of a project, because they are frequently used. It is mostly used internally.
Total : 3 analysis
2.3.27.1. Specs¶
Short name | First |
Available in | Entreprise Edition, Community Edition, Exakat Cloud |
2.3.28. Inventory¶
This ruleset collect all free-text names used in the code : variables, global, arguments, methods, classes, etc…
For example :
- Classes/MagicProperties
- Constants/Constantnames : names of global Constants
- Php/CookieVariables : names of cookies
- Php/DateFormats : date formats
- Php/IncomingVariables : names of the GET/POST arguments
- Php/SessionVariables : names of the session variables
- Type/ArrayIndex : indices used in arrays
- Type/Binary : binary values
- Type/CharString : string values
- Type/Email : hardcoded emails
- Type/GPCIndex : GET, POST and COOKIE names
- Type/Hexadecimal : hexadecimal values
- Type/HexadecimalString : hexadecimal values
- Type/HttpHeader : HTTP headers
- Type/HttpStatus : HTTP status
- Type/Md5String : MD5 string
- Type/MimeType : Mime types
- Type/OctalInString : octal values
- Type/OpensslCipher : names of OpenSSL cipher
- Type/Pack : pack() formats
- Type/Pcre : regex strings
- Type/Ports : server ports mentioned
- Type/Printf : printf() and co formatting strings
- Type/Regex : regex strings
- Type/SpecialIntegers : integer, with special values
- Type/Sql : SQL strings
- Type/UdpDomains : UDP domains
- Type/UnicodeBlock : Unicode blocks
- Type/Url : URL
Total : 36 analysis
- Constants Names
- Binary Glossary
- Email Addresses
- Heredoc Delimiter Glossary
- Hexadecimal Glossary
- Http Headers
- HTTP Status Code
- Md5 Strings
- Mime Types
- Perl Regex
- Internet Ports
- Special Integers
- All strings
- Unicode Blocks
- URL List
- Hexadecimal In String
- Invalid Octal In String
- SQL queries
- Regex Inventory
- Switch Fallthrough
- Session Variables
- Incoming Variables
- Cookies Variables
- Date Formats
- Type Array Index
- Incoming Variable Index Inventory
- Pack Format Inventory
- Printf Format Inventory
- Magic Properties
- Internet Domains
- OpenSSL Ciphers Used
- Promoted Properties
- Extends stdClass
- Incoming Date Formats
- Ip
- Init Then Update
2.3.28.1. Specs¶
Short name | Inventory |
Available in | Entreprise Edition, Exakat Cloud |
Reports |
2.3.29. IsExt¶
This is automatically filled, based on the documentation’s isExt attribute.
Total : 36 analysis
- Non Static Methods Called In A Static
- Static Methods Called From Object
- Undefined Constants
- Instantiating Abstract Class
- Undefined Classes
- Defined Class Constants
- Undefined Class Constants
- Undefined Functions
- Uses Default Values
- Wrong Number Of Arguments
- Unresolved Use
- Access Protected Structures
- Unusual Case For PHP Functions
- Undefined Interfaces
- Is Interface Method
- Already Parents Interface
- Can’t Extend Final
- Undefined Trait
- Raised Access Level
- Only Variable Passed By Reference
- Too Many Native Calls
- Redefined Private Property
- PHP Overridden Function
- Php Native Reference Variable
- Interfaces Is Not Implemented
- Make Functioncall With Reference
- Dont Collect Void
- Array_Map() Passes By Value
- Only Container For Reference
- Wrong Argument Name With PHP Function
- Undefined Enumcase
- Cant Overwrite Final Constant
- Lowered Access Level
- Cant Overwrite Final Method
- Overload Existing Names
- Method Property Confusion
2.3.29.1. Specs¶
Short name | IsExt |
Available in | Entreprise Edition, Exakat Cloud |
2.3.30. IsPHP¶
This is automatically filled, based on the documentation’s isPHP attribute.
Total : 36 analysis
- Non Static Methods Called In A Static
- Static Methods Called From Object
- Undefined Constants
- Instantiating Abstract Class
- Undefined Classes
- Defined Class Constants
- Undefined Class Constants
- Undefined Functions
- Uses Default Values
- Wrong Number Of Arguments
- Unresolved Use
- Access Protected Structures
- Unusual Case For PHP Functions
- Undefined Interfaces
- Is Interface Method
- Already Parents Interface
- Can’t Extend Final
- Undefined Trait
- Raised Access Level
- Only Variable Passed By Reference
- Too Many Native Calls
- Redefined Private Property
- PHP Overridden Function
- Php Native Reference Variable
- Interfaces Is Not Implemented
- Make Functioncall With Reference
- Dont Collect Void
- Array_Map() Passes By Value
- Only Container For Reference
- Wrong Argument Name With PHP Function
- Undefined Enumcase
- Cant Overwrite Final Constant
- Lowered Access Level
- Cant Overwrite Final Method
- Overload Existing Names
- Method Property Confusion
2.3.30.1. Specs¶
Short name | IsPHP |
Available in | Entreprise Edition, Exakat Cloud |
2.3.31. IsStub¶
This is automatically filled, based on the documentation’s isStub attribute.
Total : 34 analysis
- Non Static Methods Called In A Static
- Static Methods Called From Object
- Undefined Constants
- Instantiating Abstract Class
- Undefined Classes
- Defined Class Constants
- Undefined Class Constants
- Undefined Functions
- Uses Default Values
- Wrong Number Of Arguments
- Unresolved Use
- Access Protected Structures
- Undefined Interfaces
- Is Interface Method
- Already Parents Interface
- Can’t Extend Final
- Undefined Trait
- Raised Access Level
- Only Variable Passed By Reference
- Redefined Private Property
- PHP Overridden Function
- Php Native Reference Variable
- Interfaces Is Not Implemented
- Make Functioncall With Reference
- Dont Collect Void
- Array_Map() Passes By Value
- Only Container For Reference
- Wrong Argument Name With PHP Function
- Undefined Enumcase
- Cant Overwrite Final Constant
- Lowered Access Level
- Cant Overwrite Final Method
- Overload Existing Names
- Method Property Confusion
2.3.31.1. Specs¶
Short name | IsStub |
Available in | Entreprise Edition, Exakat Cloud |
2.3.32. LintButWontExec¶
This ruleset focuses on PHP code that lint (php -l), but that will not run. As such, this ruleset tries to go further than PHP, by connecting files, just like during execution.
Total : 46 analysis
- Final Class Usage
- Final Methods Usage
- $this Belongs To Classes Or Traits
- Classes Mutually Extending Each Other
- Undefined Class Constants
- Must Return Methods
- Undefined Interfaces
- No Self Referencing Constant
- Using $this Outside A Class
- Undefined Trait
- Raised Access Level
- self, parent, static Outside Class
- Implemented Methods Must Be Public
- No Magic Method With Array
- Method Signature Must Be Compatible
- Mismatch Type And Default
- Can’t Throw Throwable
- Abstract Or Implements
- Incompatible Signature Methods
- Undefined Insteadof
- Method Collision Traits
- Only Variable For Reference
- Repeated Interface
- Avoid Self In Interface
- Useless Method Alias
- Typehint Must Be Returned
- Clone With Non-Object
- Trait Not Found
- Wrong Type Returned
- Interfaces Is Not Implemented
- Can’t Implement Traversable
- Wrong Typed Property Default
- Mismatch Properties Typehints
- Could Be Stringable
- Only Container For Reference
- Inherited Property Type Must Match
- Duplicate Named Parameter
- PHP Native Interfaces and Return Type
- False To Array Conversion
- Deprecated Callable
- Cant Overload Constants
- Cant Overwrite Final Constant
- Implicit Conversion To Int
- No Magic Method For Enum
- Wrong Type With Default
- Clone Constant
2.3.32.1. Specs¶
Short name | LintButWontExec |
Available in | Entreprise Edition, Exakat Cloud |
2.3.33. NoDoc¶
Ruleset with analysis which are not published in the docs.
Total : 36 analysis
- Php Native Reference Variable
- Create Compact Variables
- Propagate Constants
- Overwritten Properties
- Overwritten Methods
- Overwritten Constant
- Set Clone Link
- Create Magic Property
- Set Parent Definition
- Make Class Method Definition
- Create Default Values
- Set class_alias() Definition
- Make Class Constant Definition
- Set Class Remote Definition With Injection
- Solve Trait Methods
- Follow Closure Definition
- Set Class Remote Definition With Return Typehint
- Set Class Remote Definition With Local New
- Set Class Remote Definition With Typehint
- Set Class Remote Definition With Global
- Set Class Remote Definition With Parenthesis
- Set Class Property Definition With Typehint
- Set Array Class Definition
- Set Class Method Remote Definition
- Make Functioncall With Reference
- Propagate Calls
- Create Foreach Default
- Extended Typehints
- Php Ext Stub Property And Method
- Variable Anf Property Typehint
- Is Stub Structure
- Is PHP Structure
- Is Extension Structure
- Add Return Typehint
- Create Magic Method
- Make All Statics
2.3.33.1. Specs¶
Short name | NoDoc |
Available in | Entreprise Edition, Exakat Cloud |
2.3.34. One Liners¶
This ruleset focuses on reporting one liners, which makes using an IDE had.
Total : 5 analysis
2.3.34.1. Specs¶
Short name | OneLiners |
Available in | |
Reports |
2.3.35. PHP recommendations¶
This ruleset is collected from the warnings and notes that are available in the PHP manual. For example, return do not require parenthesis.
Total : 0 analysis
2.3.35.1. Specs¶
Short name | Php-recommendations |
Available in | Entreprise Edition, Exakat Cloud |
2.3.36. Performances¶
This ruleset focuses on performances issues : anything that slows the code’s execution.
Total : 58 analysis
- Eval() Usage
- For Using Functioncall
- @ Operator
- Nested Loops
- While(List() = Each())
- Unpreprocessed Values
- Avoid array_unique()
- Echo With Concat
- Slow Functions
- No array_merge() In Loops
- Could Use Short Assignation
- Pre-increment
- Avoid Substr() One
- Global Inside Loop
- Joining file()
- Simplify Regex
- Make One Call With Array
- No Count With 0
- Use ::Class Operator
- time() Vs strtotime()
- Getting Last Element
- Avoid array_push()
- Should Use Function
- Fetch One Row Format
- Avoid glob() Usage
- Avoid Large Array Assignation
- Should Use array_column()
- Avoid Concat In Loop
- Use pathinfo() Arguments
- Simple Switch And Match
- Substring First
- Use PHP7 Encapsed Strings
- Slice Arrays First
- Double array_flip()
- Processing Collector
- Do In Base
- Cache Variable Outside Loop
- Use The Blind Var
- Closure Could Be A Callback
- fputcsv() In Loops
- Isset() On The Whole Array
- array_key_exists() Speedup
- Autoappend
- Make Magic Concrete
- Regex On Arrays
- Always Use Function With array_key_exists()
- No mb_substr In Loop
- Optimize Explode()
- Scope Resolution Operator
- Static Call May Be Truly Static
- Simplify Foreach
- Too Many Extractions
- Skip Empty Array
- Ellipsis Merge
- Pre-Calculate Use
- Substr() In Loops
- Should Cache Local
- Recalled Condition
2.3.36.1. Specs¶
Short name | Performances |
Available in | Entreprise Edition, Exakat Cloud |
Reports |
2.3.37. Preferences¶
This ruleset identify code with multiple forms, and report when one is more frequent than the others. Echo vs print, shell_exec() vs ``, etc.
Total : 38 analysis
- True False Inconsistant Case
- Echo Or Print
- Constant Comparison
- Die Exit Consistence
- Array() / [ ] Consistence
- $GLOBALS Or global
- Unset() Or (unset)
- Close Tags Consistency
- One Expression Brackets Consistency
- New On Functioncall Or Identifier
- New Line Style
- Regex Delimiter
- Empty Final Element
- Difference Consistence
- Concatenation Interpolation Consistence
- Heredoc Delimiter
- strict_types Preference
- Declare strict_types Usage
- Encoding Usage
- Ticks Usage
- Logical Operators Favorite
- Shell Favorite
- Properties Declaration Consistence
- Strict Or Relaxed Comparison
- Comparisons Orientation
- Const Or Define Preference
- Constant Case Preference
- Caught Variable
- Not Or Tilde
- Null Type Favorite
- String Interpolation Favorite
- Constant : With Or Without Use
- If Then Return Favorite
- Empty Array Detection
- Strict In_Array() Preference
- date() versus DateTime Preference
- Mono Or Multibytes Favorite
- Short Or Complete Comparison
2.3.37.1. Specs¶
Short name | Preferences |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Ambassador, Diplomat |
2.3.38. Rector¶
RectorPHP is a reconstructor tool. It applies modifications in the PHP code automatically. Exakat finds results which may be automatically updated with rector.
Total : 14 analysis
- Adding Zero
- Multiple Index Definition
- For Using Functioncall
- Multiply By One
- Multiples Identical Case
- Preprocessable
- Implied If
- Else If Versus Elseif
- Could Use Short Assignation
- Should Typecast
- No Choice
- Never Called Parameter
- Closure Could Be A Callback
- Is_A() With String
2.3.38.1. Specs¶
Short name | Rector |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Ambassador, Rector |
2.3.39. Security¶
This ruleset focuses on code security.
Total : 47 analysis
- Eval() Usage
- Phpinfo
- var_dump()… Usage
- Hardcoded Passwords
- Direct Injection
- Avoid sleep()/usleep()
- parse_str() Warning
- Avoid Those Hash Functions
- No Hardcoded Port
- Should Use Prepared Statement
- No Hardcoded Ip
- Compare Hash
- preg_replace With Option e
- eval() Without Try
- Register Globals
- Safe Curl Options
- Use random_int()
- No Hardcoded Hash
- Random Without Try
- Indirect Injection
- Unserialize Second Arg
- Don’t Echo Error
- Should Use session_regenerateid()
- Encoded Simple Letters
- Set Cookie Safe Arguments
- No Return Or Throw In Finally
- Mkdir Default
- Switch Fallthrough
- Upload Filename Injection
- Always Anchor Regex
- Session Lazy Write
- Sqlite3 Requires Single Quotes
- No Net For Xml Load
- Dynamic Library Loading
- Configure Extract
- move_uploaded_file Instead Of copy
- filter_input() As A Source
- Safe HTTP Headers
- Insecure Integer Validation
- Minus One On Error
- No ENT_IGNORE
- No Weak SSL Crypto
- Keep Files Access Restricted
- Check Crypto Key Length
- Incompatible Types With Incoming Values
- Filter Not Raw
- Unvalidated Data Cached In Session
2.3.39.1. Specs¶
Short name | Security |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Ambassador, Owasp |
2.3.40. Semantics¶
This ruleset focuses on human interpretation of the code. It reviews special values of literals, and named structures.
Total : 34 analysis
- Ambiguous Array Index
- Constants With Strange Names
- Function Called With Other Case Than Defined
- Variables With One Letter Names
- One Letter Functions
- Property Variable Confusion
- PHP Keywords As Names
- Strange Names In Classes
- Class Function Confusion
- Strange Name For Variables
- Strange Name For Constants
- Ambiguous Static
- Ambiguous Visibilities
- Could Be Constant
- Similar Integers
- Duplicate Literal
- Parameter Hiding
- Weird Array Index
- Wrong Typehinted Name
- Semantic Typing
- Fn Argument Variable Confusion
- Prefix And Suffixes With Typehint
- Static Global Variables Confusion
- Possible Alias Confusion
- Mismatch Parameter And Type
- Wrong Locale
- Overload Existing Names
- Same Name For Property And Method
- Ambiguous Types With Variables
- Method Property Confusion
- Too Many Chained Calls
- No Variable Needed
- No Initial S In Variable Names
- Array Access On Literal Array
2.3.40.1. Specs¶
Short name | Semantics |
Available in | Entreprise Edition, Exakat Cloud |
2.3.41. Suggestions¶
This ruleset focuses on possibly better syntax than the one currently used. Those may be code modernization, alternatives, more efficient solutions, or simply left over from older versions.
Total : 122 analysis
- While(List() = Each())
- Function Subscripting, Old Style
- ** For Exponent
- Too Many Children
- Empty With Expression
- list() May Omit Variables
- Unreachable Code
- Overwritten Exceptions
- Return With Parenthesis
- Strict Comparison With Booleans
- Logical Should Use Symbolic Operators
- Could Use self
- Preprocess Arrays
- Repeated print()
- Echo With Concat
- No Parenthesis For Language Construct
- Unused Interfaces
- Avoid Substr() One
- PHP7 Dirname
- preg_match_all() Flag
- Already Parents Interface
- Could Use __DIR__
- Should Use Coalesce
- Could Use Alias
- Drop Else After Return
- Unitialized Properties
- Should Use array_column()
- Randomly Sorted Arrays
- No Return Used
- Could Make A Function
- Use session_start() Options
- Mismatched Ternary Alternatives
- Isset Multiple Arguments
- Should Use Foreach
- Substring First
- Use List With Foreach
- Slice Arrays First
- Parent First
- Never Called Parameter
- Should Use array_filter()
- Reuse Existing Variable
- Should Use Math
- Could Use Compact
- Could Use array_fill_keys
- Use Count Recursive
- Too Many Parameters
- Should Preprocess Chr()
- Possible Increment
- Drop Substr Last Arg
- One If Is Sufficient
- Could Use array_unique
- Nonexistent Variable In compact()
- Should Use Operator
- Could Be Static Closure
- Use is_countable
- Detect Current Class
- Avoid Real
- Use json_decode() Options
- Closure Could Be A Callback
- Add Default Value
- Named Regex
- Could Use Try
- Use Basename Suffix
- Don’t Loop On Yield
- Should Have Destructor
- Directly Use File
- Isset() On The Whole Array
- Multiple Usage Of Same Trait
- array_key_exists() Speedup
- Should Deep Clone
- Multiple Unset()
- Implode One Arg
- Useless Default Argument
- No Need For get_class()
- Substr To Trim
- Complex Dynamic Names
- Use DateTimeImmutable Class
- Set Aside Code
- Use Array Functions
- Use The Case Value
- Should Use Url Query Functions
- Too Long A Block
- Static Global Variables Confusion
- Possible Alias Confusion
- Too Much Indented
- Avoid Compare Typed Boolean
- Abstract Away
- Large Try Block
- Cancel Common Method
- Useless Typehint
- Could Use Promoted Properties
- Use get_debug_type()
- Use str_contains()
- Unused Exception Variable
- Searching For Multiple Keys
- Long Preparation For Throw
- No Static Variable In A Method
- Declare Static Once
- Could Use Match
- Could Use Nullable Object Operator
- Argument Could Be Iterable
- Multiple Similar Calls
- Could Be Ternary
- Use File Append
- Could Use Existing Constant
- Could Use array_sum()
- Too Many Stringed Elseif
- Could Be Spaceship
- Throw Raw Exceptions
- Lowered Access Level
- Could Set Property Default
- Could Be Enumeration
- Magic Method Returntype Is Restricted
- Could Be Abstract Method
- Could Use Class Operator
- Could Use Namespace Magic Constant
- Json_encode() Without Exceptions
- Class Could Be Readonly
- Use str_ends_with()
- Use str_starts_with()
- Blind Variable Used Beyond Loop
- Could Be array_combine()
2.3.41.1. Specs¶
Short name | Suggestions |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Diplomat, Ambassador |
2.3.42. Surprising¶
PHP is full of exceptional situations where something doesn’t work as expected, or as we thought would be expected. Then, exakat gets a rule for that, and it is listed here. Watch out, unusual beasts are hidden in this list : the most interesting is possibly the docs.
Total : 1 analysis
2.3.42.1. Specs¶
Short name | Surprising |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Text |
2.3.43. Top10¶
This ruleset is a selection of analysis, with the top 10 most common. Actually, it is a little larger than that.
Total : 28 analysis
- For Using Functioncall
- Strpos()-like Comparison
- Used Once Variables
- Dangling Array References
- Queries In Loops
- Use const
- Logical Should Use Symbolic Operators
- Repeated print()
- Objects Don’t Need References
- No Real Comparison
- No array_merge() In Loops
- Unresolved Instanceof
- Avoid Substr() One
- No Choice
- Failed Substr Comparison
- Unitialized Properties
- Could Use str_repeat()
- Logical Operators Favorite
- Avoid Concat In Loop
- Next Month Trap
- Substring First
- Use List With Foreach
- Don’t Unset Properties
- Avoid Real
- Should Yield With Key
- fputcsv() In Loops
- Possible Missing Subpattern
- Concat And Addition
2.3.43.1. Specs¶
Short name | Top10 |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Top10 |
2.3.44. Typechecks¶
This ruleset focuses on typehinting. Missing typehints, or inconsistent typehint, are reported.
Total : 28 analysis
- Argument Should Be Typehinted
- Useless Interfaces
- No Class As Typehint
- Mismatched Default Arguments
- Mismatched Typehint
- Child Class Removes Typehint
- Not A Scalar Type
- Mismatch Type And Default
- Insufficient Typehint
- Bad Typehint Relay
- Wrong Type With Call
- Missing Typehint
- Fossilized Method
- Could Be String
- Could Be Void
- Could Be Callable
- Wrong Argument Type
- Type Could Be Integer
- Could Be Null
- Typehint Could Be Iterable
- Could Be Float
- Could Be Self
- Could Be Parent
- Could Be Generator
- Argument Could Be Iterable
- Type Could Be Never
- Typehints/CouldBeResource
- Possible TypeError
2.3.44.1. Specs¶
Short name | Typechecks |
Available in | Entreprise Edition, Exakat Cloud |
2.3.45. php-cs-fixable¶
php-cs-fixer is a tool to automatically fix PHP Coding Standards issues. It applies modifications in the PHP code automatically. Exakat finds results which may be automatically updated with PHP-CS-FIXER.
Total : 0 analysis
2.3.45.1. Specs¶
Short name | php-cs-fixer |
Available in | Entreprise Edition, Exakat Cloud |
Reports | Phpcsfixer |