phpsecinfo/PhpSecInfo/Test/Core/upload_tmp_dir.php
Remove error control operator '@' on line 70. Open
Open
public function _execTest()
{
$perms = @fileperms($this->current_value);
if (false === $perms) {- Read upRead up
- Exclude checks
ErrorControlOperator
Error suppression should be avoided if possible as it doesn't just suppress the error, that you are trying to stop, but will also suppress errors that you didn't predict would ever occur. Consider changing error_reporting() level and/or setting up your own error handler.
Example
function foo($filePath) {
$file = @fopen($filPath); // hides exceptions
$key = @$array[$notExistingKey]; // assigns null to $key
}Source http://phpmd.org/rules/cleancode.html#errorcontroloperator
The method _retrieveCurrentValue uses an else expression. Else clauses are basically not necessary and you can simplify the code by not using them. Open
Open
} else {
$this->current_value = $this->sys_get_temp_dir();
}- Read upRead up
- Exclude checks
ElseExpression
Since: 1.4.0
An if expression with an else branch is basically not necessary. You can rewrite the conditions in a way that the else clause is not necessary and the code becomes simpler to read. To achieve this, use early return statements, though you may need to split the code it several smaller methods. For very simple assignments you could also use the ternary operations.
Example
class Foo
{
public function bar($flag)
{
if ($flag) {
// one branch
} else {
// another branch
}
}
}Source https://phpmd.org/rules/cleancode.html#elseexpression
Each class must be in a namespace of at least one level (a top-level vendor name) Open
Open
class PhpSecInfo_Test_Core_Upload_Tmp_Dir extends PhpSecInfo_Test_Core- Exclude checks
The class PhpSecInfo_Test_Core_Upload_Tmp_Dir is not named in CamelCase. Open
Open
class PhpSecInfo_Test_Core_Upload_Tmp_Dir extends PhpSecInfo_Test_Core
{
/**
* This should be a <b>unique</b>, human-readable identifier for this test
*- Read upRead up
- Exclude checks
CamelCaseClassName
Since: 0.2
It is considered best practice to use the CamelCase notation to name classes.
Example
class class_name {
}Source
The property $recommended_value is not named in camelCase. Open
Open
class PhpSecInfo_Test_Core_Upload_Tmp_Dir extends PhpSecInfo_Test_Core
{
/**
* This should be a <b>unique</b>, human-readable identifier for this test
*- Read upRead up
- Exclude checks
CamelCasePropertyName
Since: 0.2
It is considered best practice to use the camelCase notation to name attributes.
Example
class ClassName {
protected $property_name;
}Source
The property $test_name is not named in camelCase. Open
Open
class PhpSecInfo_Test_Core_Upload_Tmp_Dir extends PhpSecInfo_Test_Core
{
/**
* This should be a <b>unique</b>, human-readable identifier for this test
*- Read upRead up
- Exclude checks
CamelCasePropertyName
Since: 0.2
It is considered best practice to use the camelCase notation to name attributes.
Example
class ClassName {
protected $property_name;
}Source
A file should declare new symbols (classes, functions, constants, etc.) and cause no other side effects, or it should execute logic with side effects, but should not do both. The first symbol is defined on line 19 and the first side effect is on line 14. Open
Open
<?php- Exclude checks
Method name "_execTest" should not be prefixed with an underscore to indicate visibility Open
Open
public function _execTest()- Exclude checks
Method name "_retrieveCurrentValue" should not be prefixed with an underscore to indicate visibility Open
Open
public function _retrieveCurrentValue()- Exclude checks
Method name "_setMessages" should not be prefixed with an underscore to indicate visibility Open
Open
public function _setMessages()- Exclude checks
Line exceeds 120 characters; contains 132 characters Open
Open
$this->setMessageForResult(PHPSECINFO_TEST_RESULT_OK, 'en', 'upload_tmp_dir is enabled, which is the recommended setting.');- Exclude checks
Line exceeds 120 characters; contains 127 characters Open
Open
$this->setMessageForResult(PHPSECINFO_TEST_RESULT_WARN, 'en', 'Unable to retrieve file permissions on upload_tmp_dir');- Exclude checks
Line exceeds 120 characters; contains 126 characters Open
Open
$this->setMessageForResult(PHPSECINFO_TEST_RESULT_NOTRUN, 'en', 'Test not run -- currently disabled on Windows OSes');- Exclude checks
Line exceeds 120 characters; contains 140 characters Open
Open
to a common world-writable directory (xx5). This typically allows other users on this server- Exclude checks
Line exceeds 120 characters; contains 139 characters Open
Open
this naming is not allowed for this test and you must provide a custom directory, or is set- Exclude checks
Line exceeds 120 characters; contains 134 characters Open
Open
$this->setMessageForResult(PHPSECINFO_TEST_RESULT_NOTICE, 'en', 'upload_tmp_dir is disabled, or you use the /tmp directory but- Exclude checks
Line exceeds 120 characters; contains 129 characters Open
Open
to access temporary copies of files uploaded via your PHP scripts. You should set- Exclude checks
Class name "PhpSecInfo_Test_Core_Upload_Tmp_Dir" is not in camel caps format Open
Open
class PhpSecInfo_Test_Core_Upload_Tmp_Dir extends PhpSecInfo_Test_Core- Exclude checks
The method _retrieveCurrentValue is not named in camelCase. Open
Open
public function _retrieveCurrentValue()
{
$this->current_value = ini_get('upload_tmp_dir');
if (empty($this->current_value)) {- Read upRead up
- Exclude checks
CamelCaseMethodName
Since: 0.2
It is considered best practice to use the camelCase notation to name methods.
Example
class ClassName {
public function get_name() {
}
}Source
The method _execTest is not named in camelCase. Open
Open
public function _execTest()
{
$perms = @fileperms($this->current_value);
if (false === $perms) {- Read upRead up
- Exclude checks
CamelCaseMethodName
Since: 0.2
It is considered best practice to use the camelCase notation to name methods.
Example
class ClassName {
public function get_name() {
}
}Source
The method _setMessages is not named in camelCase. Open
Open
public function _setMessages()
{
parent::_setMessages();
$this->setMessageForResult(PHPSECINFO_TEST_RESULT_NOTRUN, 'en', 'Test not run -- currently disabled on Windows OSes');- Read upRead up
- Exclude checks
CamelCaseMethodName
Since: 0.2
It is considered best practice to use the camelCase notation to name methods.
Example
class ClassName {
public function get_name() {
}
}