Sign upLogin

YetiForceCompany/YetiForceCRM

View on GitHub
Star
config/Security.php

Summary

Maintainability
A
0 mins
Test Coverage
F
0%

Remove this hard-coded password.
Open

    public static $proxyPassword = '';
Severity: Blocker
Found in config/Security.php by sonar-php

Because it is easy to extract strings from a compiled application, credentials should never be hard-coded. Do so, and they're almost guaranteed to end up in the hands of an attacker. This is particularly true for applications that are distributed.

Credentials should be stored outside of the code in a strongly-protected encrypted configuration file or database.

Noncompliant Code Example

$uname = "steve";
$password = "blue";
connect($uname, $password);

Compliant Solution

$uname = getEncryptedUser();
$password = getEncryptedPass();
connect($uname, $password);

See

The class Security has 56 fields. Consider redesigning Security to keep the number of fields under 15.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

TooManyFields

Since: 0.1

Classes that have too many fields could be redesigned to have fewer fields, possibly through some nested object grouping of some of the information. For example, a class with city/state/zip fields could instead have one Address field.

Example

class Person {
   protected $one;
   private $two;
   private $three;
   [... many more fields ...]
}

Source https://phpmd.org/rules/codesize.html#toomanyfields

The class Security has 56 public methods and attributes. Consider reducing the number of public items to less than 45.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

ExcessivePublicCount

Since: 0.1

A large number of public methods and attributes declared in a class can indicate the class may need to be broken up as increased effort will be required to thoroughly test it.

Example

public class Foo {
    public $value;
    public $something;
    public $var;
    // [... more more public attributes ...]

    public function doWork() {}
    public function doMoreWork() {}
    public function doWorkAgain() {}
    // [... more more public methods ...]
}

Source https://phpmd.org/rules/codesize.html#excessivepubliccount

Avoid excessively long variable names like $PERMITTED_BY_SHARED_OWNERS. Keep variable name length under 20.
Open

    public static $PERMITTED_BY_SHARED_OWNERS = true;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $CACHE_LIFETIME_SENSIOLABS_SECURITY_CHECKER. Keep variable name length under 20.
Open

    public static $CACHE_LIFETIME_SENSIOLABS_SECURITY_CHECKER = 3600;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $permittedModulesByCreatorField. Keep variable name length under 20.
Open

    public static $permittedModulesByCreatorField = [];
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $EMAIL_FIELD_RESTRICTED_DOMAINS_EXCLUDED. Keep variable name length under 20.
Open

    public static $EMAIL_FIELD_RESTRICTED_DOMAINS_EXCLUDED = ['OSSEmployees', 'Users'];
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $PERMITTED_BY_RECORD_HIERARCHY. Keep variable name length under 20.
Open

    public static $PERMITTED_BY_RECORD_HIERARCHY = true;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $PERMITTED_BY_ADVANCED_PERMISSION. Keep variable name length under 20.
Open

    public static $PERMITTED_BY_ADVANCED_PERMISSION = true;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $fieldsReferencesDependent. Keep variable name length under 20.
Open

    public static $fieldsReferencesDependent = false;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $CHANGE_LOGIN_PASSWORD. Keep variable name length under 20.
Open

    public static $CHANGE_LOGIN_PASSWORD = true;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $allowedDomainsLoadInFrame. Keep variable name length under 20.
Open

    public static $allowedDomainsLoadInFrame = [];
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $generallyAllowedDomains. Keep variable name length under 20.
Open

    public static $generallyAllowedDomains = [];
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $askSuperUserAboutVisitPurpose. Keep variable name length under 20.
Open

    public static $askSuperUserAboutVisitPurpose = true;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $askAdminAboutVisitPurpose. Keep variable name length under 20.
Open

    public static $askAdminAboutVisitPurpose = true;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $permittedWriteAccessByCreatorField. Keep variable name length under 20.
Open

    public static $permittedWriteAccessByCreatorField = false;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $USER_ENCRYPT_PASSWORD_COST. Keep variable name length under 20.
Open

    public static $USER_ENCRYPT_PASSWORD_COST = 10;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $loginSessionRegenerate. Keep variable name length under 20.
Open

    public static $loginSessionRegenerate = true;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $apiLifetimeSessionUpdate. Keep variable name length under 20.
Open

    public static $apiLifetimeSessionUpdate = 240;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $purifierAllowedDomains. Keep variable name length under 20.
Open

    public static $purifierAllowedDomains = [];
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $maxLifetimeSessionCookie. Keep variable name length under 20.
Open

    public static $maxLifetimeSessionCookie = 0;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $forceHttpsRedirection. Keep variable name length under 20.
Open

    public static $forceHttpsRedirection = false;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $EMAIL_FIELD_RESTRICTED_DOMAINS_ALLOWED. Keep variable name length under 20.
Open

    public static $EMAIL_FIELD_RESTRICTED_DOMAINS_ALLOWED = [];
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $apiLifetimeSessionCreate. Keep variable name length under 20.
Open

    public static $apiLifetimeSessionCreate = 1440;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $askAdminAboutVisitSwitchUsers. Keep variable name length under 20.
Open

    public static $askAdminAboutVisitSwitchUsers = true;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $LOGIN_PAGE_REMEMBER_CREDENTIALS. Keep variable name length under 20.
Open

    public static $LOGIN_PAGE_REMEMBER_CREDENTIALS = false;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $PERMITTED_BY_PRIVATE_FIELD. Keep variable name length under 20.
Open

    public static $PERMITTED_BY_PRIVATE_FIELD = true;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $allowedConnectDomains. Keep variable name length under 20.
Open

    public static $allowedConnectDomains = [];
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $CACHING_PERMISSION_TO_RECORD. Keep variable name length under 20.
Open

    public static $CACHING_PERMISSION_TO_RECORD = false;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $EMAIL_FIELD_RESTRICTED_DOMAINS_VALUES. Keep variable name length under 20.
Open

    public static $EMAIL_FIELD_RESTRICTED_DOMAINS_VALUES = [];
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $EMAIL_FIELD_RESTRICTED_DOMAINS_ACTIVE. Keep variable name length under 20.
Open

    public static $EMAIL_FIELD_RESTRICTED_DOMAINS_ACTIVE = false;
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

Avoid excessively long variable names like $csrfFrameBreakerWindow. Keep variable name length under 20.
Open

    public static $csrfFrameBreakerWindow = 'top';
Severity: Minor
Found in config/Security.php by phpmd

LongVariable

Since: 0.2

Detects when a field, formal or local variable is declared with a long name.

Example

class Something {
    protected $reallyLongIntName = -3; // VIOLATION - Field
    public static function main( array $interestingArgumentsList[] ) { // VIOLATION - Formal
        $otherReallyLongName = -5; // VIOLATION - Local
        for ($interestingIntIndex = 0; // VIOLATION - For
             $interestingIntIndex < 10;
             $interestingIntIndex++ ) {
        }
    }
}

Source https://phpmd.org/rules/naming.html#longvariable

The property $SHOW_MY_PREFERENCES is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $CHANGE_LOGIN_PASSWORD is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $RESET_LOGIN_PASSWORD is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $EMAIL_FIELD_RESTRICTED_DOMAINS_ACTIVE is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $EMAIL_FIELD_RESTRICTED_DOMAINS_ALLOWED is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $USER_AUTHY_MODE is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $PERMITTED_BY_PRIVATE_FIELD is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $PERMITTED_BY_RECORD_HIERARCHY is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $USER_ENCRYPT_PASSWORD_COST is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $CACHE_LIFETIME_SENSIOLABS_SECURITY_CHECKER is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $PERMITTED_BY_SHARED_OWNERS is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $CACHING_PERMISSION_TO_RECORD is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $PERMITTED_BY_SHARING is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $PERMITTED_BY_ADVANCED_PERMISSION is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $EMAIL_FIELD_RESTRICTED_DOMAINS_EXCLUDED is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $LOGIN_PAGE_REMEMBER_CREDENTIALS is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $EMAIL_FIELD_RESTRICTED_DOMAINS_VALUES is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

The property $PERMITTED_BY_ROLES is not named in camelCase.
Open

class Security
{
    /**
     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpmd

CamelCasePropertyName

Since: 0.2

It is considered best practice to use the camelCase notation to name attributes.

Example

class ClassName {
    protected $property_name;
}

Source

Spaces must be used for alignment; tabs are not allowed
Open

     *         We do not recommend using this option in production environments.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     *         We do not recommend using this option in production environments.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     *         Permissions are not verified in real time. They are updated via cron.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Restricted domains */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Maximum session lifetime since the last modification (in minutes) */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * HTTP Public-Key-Pins (HPKP) pin-sha256 For HPKP to work properly at least 2 keys are needed.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $LOGIN_PAGE_REMEMBER_CREDENTIALS = false;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Update the current session id with a newly generated one after login and logout */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /**
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * Force the use of https only for cookie.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $apiLifetimeSessionCreate = 1440;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $forceUrlRedirection = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $verifyRefererHeader = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Allowed domains for loading images, used in CSP. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Proxy host */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $fieldsReferencesDependent = false;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * Same-site cookie attribute allows a web application to advise the browser that cookies should only be sent if the request originates from the website the cookie came from.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Verify referer header */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $csrfFrameBreakerWindow = 'top';
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * CSP: frame-ancestors.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Allowed domains which can be used as the target of a form submissions from a given context, used in CSP. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $proxyProtocol = '';
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Remember user credentials */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $maxLifetimeSession = 900;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * How much time can someone be logged in to the browser. Defaults to 0.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /**
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /**
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     *
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * TOTP_OFF - 2FA TOTP is checking off
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $csrfActive = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $csrfLifetimeToken = 28800;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Which window should be verified? It is used to check if the system is loaded in the frame, used in CSRF. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** @var bool Ask admin about visit purpose */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * false - Permissions based on adding tables with permissions to query (old mechanism).
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * User authentication mode.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $forceHttpsRedirection = false;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** HTTP Content Security Policy response header allows website administrators to control resources the user agent is allowed to load for a given page */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** List of allowed domains for fields with HTML support */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Proxy port */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $EMAIL_FIELD_RESTRICTED_DOMAINS_ALLOWED = [];
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $cookieForceHttpOnly = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $whitelistIp2fa = [];
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $proxyConnection = false;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $EMAIL_FIELD_RESTRICTED_DOMAINS_EXCLUDED = ['OSSEmployees', 'Users'];
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * @see \Users_Totp_Authmethod::ALLOWED_USER_AUTHY_MODE
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * TOTP_OPTIONAL - It is defined by the user
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * Specifies valid parents that may embed a page using <frame>, <iframe>, <object>, <embed> or <applet> and validate referer.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $allowedConnectDomains = [];
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $purifierAllowedDomains = [];
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Interdependent reference fields */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $apiLifetimeSessionUpdate = 240;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * Allow access without 2FA.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Redirect to proper url when wrong url is entered. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Enable CSRF protection */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $allowedFrameDomains = [];
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $allowedScriptDomains = [];
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * Specifies valid sources for nested browsing contexts loading using elements such as <frame> and <iframe>.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $allowedDomainsLoadInFrame = [];
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $proxyLogin = '';
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $CACHING_PERMISSION_TO_RECORD = false;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * Values: true, false, null
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Enable verified frame protection, used in CSRF */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $cspHeaderActive = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Allowed domains which can be loaded using script interfaces. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Generally allowed domains, used in CSP. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $generallyAllowedDomains = [];
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $proxyHost = '';
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Proxy login */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $askAdminAboutVisitPurpose = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $askAdminAboutVisitSwitchUsers = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** @var bool Ask super user about visit purpose, only for the settings part */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $EMAIL_FIELD_RESTRICTED_DOMAINS_ACTIVE = false;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $maxLifetimeSessionCookie = 0;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Force site access to always occur under SSL (https) for selected areas. You will not be able to access selected areas under non-ssl. Note, you must have SSL enabled on your server to utilise this option. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * https://scotthelme.co.uk/hpkp-http-public-key-pinning/, https://sekurak.pl/mechanizm-http-public-key-pinning/.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Allowed domains for loading script, used in CSP. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** @var bool Ask admin about switch users purpose */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * Restricted domains allow you to block saving an email address from a given domain in the system.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * Specifies the lifetime of the cookie in seconds which is sent to the browser. The value 0 means 'until the browser is closed.'
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * IP address whitelisting.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** HTTP Content Security Policy time interval for generating a new nonce token */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /**
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $proxyPassword = '';
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** List of modules excluded from restricted domains validation. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Lifetime session (in seconds) */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * Available values:
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /**
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Do you want all connections to be made using a proxy? */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Proxy protocol: http, https, tcp */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Proxy password */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /**
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * Values: None, Lax, Strict
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $allowedImageDomains = ['*.tile.openstreetmap.org'];
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /**
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $askSuperUserAboutVisitPurpose = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /**
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * TOTP_OBLIGATORY - It is obligatory.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Cache lifetime for SensioLabs security checker. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $CACHE_LIFETIME_SENSIOLABS_SECURITY_CHECKER = 3600;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $hpkpKeysHeader = [];
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $csrfFrameBreaker = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * CSP: frame-src.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

     * Restricted domains work only for email address type fields.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $EMAIL_FIELD_RESTRICTED_DOMAINS_VALUES = [];
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $loginSessionRegenerate = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $cookieSameSite = 'Strict';
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $USER_AUTHY_MODE = 'TOTP_OPTIONAL';
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Default expire time of CSRF token in seconds */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $cspHeaderTokenTime = '5 minutes';
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** List of modules where restricted domains are enabled, if empty it will be enabled everywhere. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /** Maximum session lifetime from the time it was created (in minutes) */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    /**
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $allowedFormDomains = ['https://www.paypal.com'];
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used for alignment; tabs are not allowed
Open

    public static $proxyPort = 0;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /** Permitted by advanced permission. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    public static $permittedWriteAccessByCreatorField = false;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /**
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /** Permitted by record hierarchy. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /** Changing the settings by the user is possible true/false */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

     * true - Permissions based on the users column in vtiger_crmentity.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    public static $SHOW_MY_PREFERENCES = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /** Possible to reset the password while logging in (true/false) */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /** Permitted by private field. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    public static $permittedModulesByCreatorField = [];
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    public static $RESET_LOGIN_PASSWORD = false;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /** Permitted by shared owners. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    public static $PERMITTED_BY_SHARED_OWNERS = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    public static $PERMITTED_BY_RECORD_HIERARCHY = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

     * Configuration of the permission mechanism on records list.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

     */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /** Show my preferences */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    public static $CHANGE_LOGIN_PASSWORD = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    public static $PERMITTED_BY_PRIVATE_FIELD = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /** Permission level access based on the record creation */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    public static $USER_ENCRYPT_PASSWORD_COST = 10;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /** List of modules to which access is based on the record creation. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    public static $PERMITTED_BY_SHARING = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

     * The greater the value, the longer it takes to encrypt the password.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /** Permitted by roles. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    public static $PERMITTED_BY_ROLES = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /**
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

     *         Permissions are not verified in real time. They are updated via cron.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

     * Password encrypt algorithmic cost. Numeric values - we recommend values greater than 10.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    /** Permitted by sharing. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Spaces must be used to indent lines; tabs are not allowed
Open

    public static $PERMITTED_BY_ADVANCED_PERMISSION = true;
Severity: Minor
Found in config/Security.php by phpcodesniffer

Line exceeds 120 characters; contains 133 characters
Open

     * Specifies the lifetime of the cookie in seconds which is sent to the browser. The value 0 means 'until the browser is closed.'
Severity: Minor
Found in config/Security.php by phpcodesniffer

Line exceeds 120 characters; contains 129 characters
Open

     * Specifies valid parents that may embed a page using <frame>, <iframe>, <object>, <embed> or <applet> and validate referer.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Line exceeds 120 characters; contains 157 characters
Open

    /** HTTP Content Security Policy response header allows website administrators to control resources the user agent is allowed to load for a given page */
Severity: Minor
Found in config/Security.php by phpcodesniffer

Line exceeds 120 characters; contains 178 characters
Open

     * Same-site cookie attribute allows a web application to advise the browser that cookies should only be sent if the request originates from the website the cookie came from.
Severity: Minor
Found in config/Security.php by phpcodesniffer

Line exceeds 120 characters; contains 214 characters
Open

    /** Force site access to always occur under SSL (https) for selected areas. You will not be able to access selected areas under non-ssl. Note, you must have SSL enabled on your server to utilise this option. */
Severity: Minor
Found in config/Security.php by phpcodesniffer

There are no issues that match your filters.

Category
Status