The method preventEvalNeverIdealStuff() contains an eval expression. Wontfix
eval($classPhpCode);
EvalExpression
Since: 0.2
An eval expression is untestable, a security risk and bad practice, so it should be avoided. Consider replacing the eval expression with regular code.
Example
class Foo {
public function bar($param) {
if ($param === 42) {
eval('$param = 23;');
}
}
}
Source https://phpmd.org/rules/design.html#evalexpression
hookIsRegistered accesses the super-global variable $GLOBALS. Wontfix
protected function hookIsRegistered(): bool
{
return ArrayUtility::isValidPath($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS'], $this->getFullPath(), '|');
}
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}
Source
injectHookInGlobalArray accesses the super-global variable $GLOBALS. Open
protected function injectHookInGlobalArray($closure)
{
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS'] = ArrayUtility::setValueByPath(
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS'],
$this->getFullPath(),
Superglobals
getTypoScriptFrontendController accesses the super-global variable $GLOBALS. Wontfix
protected function getTypoScriptFrontendController(): TypoScriptFrontendController
{
return $GLOBALS['TSFE'];
}
Superglobals
injectHookInGlobalArray accesses the super-global variable $GLOBALS. Open
protected function injectHookInGlobalArray($closure)
{
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS'] = ArrayUtility::setValueByPath(
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS'],
$this->getFullPath(),
Superglobals
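The Superglobals findings above all have the same fix: hand the code the configuration it works on instead of letting it reach into $GLOBALS. The following is an added example, not code from the analysed extension or from TYPO3. HookRegistry, its method names and the sample configuration are constructed for the illustration; the '|'-separated path convention mirrors the report's ArrayUtility::isValidPath() call. The registry is bound to an array by reference, so in tests that array is a local variable and in production it is the SC_OPTIONS tree, named exactly once at the composition root.

```php
<?php
declare(strict_types=1);

// Added example, not code from the analysed extension or from TYPO3.
// HookRegistry, its methods and the sample configuration are constructed.

final class HookRegistry
{
    /** @var array<string,mixed> */
    private array $scOptions;

    /** @param array<string,mixed> $scOptions the SC_OPTIONS tree, bound by reference */
    public function __construct(array &$scOptions)
    {
        $this->scOptions = &$scOptions;
    }

    /** @return string[] validated '|'-separated path segments */
    private function segments(string $path): array
    {
        $segments = explode('|', $path);
        foreach ($segments as $segment) {
            if ($segment === '') {
                throw new InvalidArgumentException('Empty segment in hook path: ' . $path);
            }
        }
        return $segments;
    }

    // Counterpart of the report's hookIsRegistered(): true if every segment exists.
    public function isRegistered(string $path): bool
    {
        $node = $this->scOptions;
        foreach ($this->segments($path) as $segment) {
            if (!is_array($node) || !array_key_exists($segment, $node)) {
                return false;
            }
            $node = $node[$segment];
        }
        return true;
    }

    // Counterpart of the report's injectHookInGlobalArray(): stores $hook at
    // $path, creating intermediate arrays, and refuses to overwrite a hook.
    public function register(string $path, callable $hook): void
    {
        if ($this->isRegistered($path)) {
            throw new RuntimeException('Hook already registered at ' . $path);
        }
        $segments = $this->segments($path);
        $last = array_pop($segments);
        $node = &$this->scOptions;
        foreach ($segments as $segment) {
            if (!isset($node[$segment]) || !is_array($node[$segment])) {
                $node[$segment] = [];
            }
            $node = &$node[$segment];
        }
        $node[$last] = $hook;
    }
}

// Unit-test style: no framework bootstrap and no superglobal (constructed input).
$config = [];
$registry = new HookRegistry($config);
$path = 'ext/demo|eventRunner|afterSave';
var_dump($registry->isRegistered($path));                          // false
$registry->register($path, static fn (string $id): string => 'ran ' . $id);
var_dump($registry->isRegistered($path));                          // true
var_dump($config['ext/demo']['eventRunner']['afterSave']('42'));   // "ran 42"

// Composition root: the single place that names the superglobal. The value is
// constructed here; in a real TYPO3 process the bootstrap has populated it.
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS'] ??= [];
$liveRegistry = new HookRegistry($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']);
```

The same shape applies to the other two findings: the $_POST['foo'] read in the rule's example belongs on a PSR-7 ServerRequestInterface (getParsedBody()), which TYPO3 already passes to middlewares and controllers, and recent TYPO3 versions expose the frontend controller as the request attribute 'frontend.controller' rather than only as $GLOBALS['TSFE'].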
Remove this use of the "eval" function. Wontfix
eval($classPhpCode);
The eval function is a way to run arbitrary code at run-time.
According to the PHP documentation
The eval() language construct is very dangerous because it allows execution of arbitrary PHP code. Its use thus is discouraged. If you have carefully verified that there is no other option than to use this construct, pay special attention not to pass any user provided data into it without properly validating it beforehand.
Noncompliant Code Example
eval($code_to_be_dynamically_executed);
See
- MITRE CWE-95 - CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
- OWASP Top Ten 2013 Category A3 - Cross-Site Scripting (XSS)
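Both eval findings on this page (the EvalExpression rule and the "Remove this use of eval" rule) flag the same line, `eval($classPhpCode);`. The following added example, not code from the analysed extension, shows what makes that line a CWE-95 issue rather than a style point: once a class definition is assembled as text, any value spliced into it without validation is PHP source, not data. The function names, the template string and the payload are constructed for this illustration; the hardened variant replaces code generation with a plain handler object and an allowlisted class name.

```php
<?php
declare(strict_types=1);

// Added example, not code from the analysed extension. Names, the template
// and the payload below are constructed for the illustration.

// Vulnerable shape: mirrors the report's `eval($classPhpCode)` line.
function defineHookClassWithEval(string $className, string $hookId): void
{
    $classPhpCode = sprintf(
        'class %s { public static function hookId(): string { return "%s"; } }',
        $className,
        $hookId
    );
    eval($classPhpCode); // $hookId is spliced into source, not treated as data
}

// Constructed payload: closes the string literal, the method and the class,
// defines an attacker-chosen global function, then comments out the rest of
// the template so the generated source still parses.
$payload = 'tx_demo"; } } function injected(): string { return "attacker code ran"; } //';
defineHookClassWithEval('DemoHook', $payload);
var_dump(function_exists('injected'));   // true: eval injection succeeded
echo injected(), PHP_EOL;                // "attacker code ran"

// Hardened shape: no eval(). The hook id is held as data, and where a class
// name must come from configuration it is checked against the PHP identifier
// grammar and an allowlist before it is instantiated.
final class HookHandler
{
    public function __construct(private string $hookId) {}

    public function hookId(): string
    {
        return $this->hookId;
    }
}

function assertPhpIdentifier(string $name): string
{
    // Same grammar PHP uses for unqualified labels (bytes 0x80-0xff allowed).
    if (!preg_match('/^[A-Za-z_\x80-\xff][A-Za-z0-9_\x80-\xff]*$/', $name)) {
        throw new InvalidArgumentException('Not a valid PHP class name: ' . $name);
    }
    return $name;
}

function makeHookHandler(string $className, string $hookId): HookHandler
{
    $className = assertPhpIdentifier($className);
    if ($className !== HookHandler::class) {   // allowlist: only the known handler type
        throw new InvalidArgumentException('Unknown handler class: ' . $className);
    }
    return new $className($hookId);            // no source text is built or evaluated
}

$handler = makeHookHandler(HookHandler::class, $payload);
var_dump($handler->hookId() === $payload);     // true: the payload stayed inert data
```

The identifier check alone would not have saved the eval version, because the injected part of the payload is the hook id, not the class name; the real fix is that the hardened version never turns configuration into source text at all.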
The method register uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
} else {
$closure = function () use ($eventRunner) {
return call_user_func_array($eventRunner->getCallable(), func_get_args());
};
}
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions so that the else clause is not needed and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code into several smaller methods. For very simple assignments you could also use the ternary operator.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}