importAllIssues accesses the super-global variable $_SERVER. Open
public function importAllIssues($serviceName, $projectKey)
{
$lockfileKey = $this->getImportLockID($serviceName, $projectKey);
if ($this->isImportLocked($lockfileKey)) {
throw new RuntimeException('Import of Issues is already locked!');- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
importAllIssues accesses the super-global variable $_SERVER. Open
public function importAllIssues($serviceName, $projectKey)
{
$lockfileKey = $this->getImportLockID($serviceName, $projectKey);
if ($this->isImportLocked($lockfileKey)) {
throw new RuntimeException('Import of Issues is already locked!');- Read upRead up
- Exclude checks
Superglobals
Since: 0.2
Accessing a super-global variable directly is considered a bad practice. These variables should be encapsulated in objects that are provided by a framework, for instance.
Example
class Foo {
public function bar() {
$name = $_POST['foo'];
}
}Source
Method importAllIssues has 51 lines of code (exceeds 25 allowed). Consider refactoring. Open
public function importAllIssues($serviceName, $projectKey)
{
$lockfileKey = $this->getImportLockID($serviceName, $projectKey);
if ($this->isImportLocked($lockfileKey)) {
throw new RuntimeException('Import of Issues is already locked!');Function importAllIssues has a Cognitive Complexity of 12 (exceeds 5 allowed). Consider refactoring. Open
public function importAllIssues($serviceName, $projectKey)
{
$lockfileKey = $this->getImportLockID($serviceName, $projectKey);
if ($this->isImportLocked($lockfileKey)) {
throw new RuntimeException('Import of Issues is already locked!');- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Reduce the number of returns of this function 4, down to the maximum allowed 3. Open
public function isImportLocked($id)- Read upRead up
- Exclude checks
Having too many return statements in a function increases the function's essential complexity because the flow of execution is broken each time a return statement is encountered. This makes it harder to read and understand the logic of the function.
Noncompliant Code Example
With the default threshold of 3:
function myFunction(){ // Noncompliant as there are 4 return statements
if (condition1) {
return true;
} else {
if (condition2) {
return false;
} else {
return true;
}
}
return false;
}
Missing class import via use statement (line '321', column '30'). Open
$changelog = new PageChangelog($page['page']);- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '39', column '23'). Open
throw new RuntimeException('Import of Issues is already locked!');- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}Source http://phpmd.org/rules/cleancode.html#MissingImport
Missing class import via use statement (line '67', column '31'). Open
throw new RuntimeException('Import of Issues aborted because lock removed');- Read upRead up
- Exclude checks
MissingImport
Since: 2.7.0
Importing all external classes in a file through use statements makes them clearly visible.
Example
function make() {
return new \stdClass();
}Source http://phpmd.org/rules/cleancode.html#MissingImport
Avoid using static access to class '\dokuwiki\plugin\issuelinks\classes\ServiceProvider' in method 'importAllIssues'. Open
$serviceProvider = ServiceProvider::getInstance();- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class '\dokuwiki\plugin\issuelinks\classes\Issue' in method 'getMergeRequestsForIssue'. Open
$issue = Issue::getInstance(
$issueData['service'],
$issueData['project_id'],
$issueData['issue_id'],
$issueData['is_mergerequest']- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}Source https://phpmd.org/rules/cleancode.html#staticaccess
Avoid using static access to class '\dokuwiki\plugin\issuelinks\classes\Issue' in method 'getIssue'. Open
$issue = Issue::getInstance($pmServiceName, $project, $issueid, $isMergeRequest);- Read upRead up
- Exclude checks
StaticAccess
Since: 1.4.0
Static access causes unexchangeable dependencies to other classes and leads to hard to test code. Avoid using static access at all costs and instead inject dependencies through the constructor. The only case when static access is acceptable is when used for factory methods.
Example
class Foo
{
public function bar()
{
Bar::baz();
}
}Source https://phpmd.org/rules/cleancode.html#staticaccess
Define a constant instead of duplicating this literal "REMOTE_USER" 3 times. Open
$this->lockImport($lockfileKey, json_encode(['user' => $_SERVER['REMOTE_USER'], 'status' => 'started']));- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() {
prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times
execute('action1');
release('action1');
}
Compliant Solution
ACTION_1 = 'action1';
function run() {
prepare(ACTION_1);
execute(ACTION_1);
release(ACTION_1);
}
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Define a constant instead of duplicating this literal ".lock" 6 times. Open
$lockFN = $conf['lockdir'] . '/' . md5('_' . $id) . '.lock';- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() {
prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times
execute('action1');
release('action1');
}
Compliant Solution
ACTION_1 = 'action1';
function run() {
prepare(ACTION_1);
execute(ACTION_1);
release(ACTION_1);
}
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Define and throw a dedicated exception instead of using a generic one. Open
throw new RuntimeException('Import of Issues is already locked!');- Read upRead up
- Exclude checks
If you throw a general exception type, such as ErrorException, RuntimeException, or Exception in a library or framework, it forces consumers to catch all exceptions, including unknown exceptions that they do not know how to handle.
Instead, either throw a subtype that already exists in the Standard PHP Library, or create your own type that derives from Exception.
Noncompliant Code Example
throw new Exception(); // Noncompliant
Compliant Solution
throw new InvalidArgumentException(); // or throw new UnexpectedValueException();
See
- MITRE, CWE-397 - Declaration of Throws for Generic Exception
- CERT, ERR07-J. - Do not throw RuntimeException, Exception, or Throwable
Define a constant instead of duplicating this literal "lockdir" 6 times. Open
$lockFN = $conf['lockdir'] . '/' . md5('_' . $id) . '.lock';- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() {
prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times
execute('action1');
release('action1');
}
Compliant Solution
ACTION_1 = 'action1';
function run() {
prepare(ACTION_1);
execute(ACTION_1);
release(ACTION_1);
}
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Define and throw a dedicated exception instead of using a generic one. Open
throw new RuntimeException('Import of Issues aborted because lock removed');- Read upRead up
- Exclude checks
If you throw a general exception type, such as ErrorException, RuntimeException, or Exception in a library or framework, it forces consumers to catch all exceptions, including unknown exceptions that they do not know how to handle.
Instead, either throw a subtype that already exists in the Standard PHP Library, or create your own type that derives from Exception.
Noncompliant Code Example
throw new Exception(); // Noncompliant
Compliant Solution
throw new InvalidArgumentException(); // or throw new UnexpectedValueException();
See
- MITRE, CWE-397 - Declaration of Throws for Generic Exception
- CERT, ERR07-J. - Do not throw RuntimeException, Exception, or Throwable
Define a constant instead of duplicating this literal "status" 7 times. Open
$this->lockImport($lockfileKey, json_encode(['user' => $_SERVER['REMOTE_USER'], 'status' => 'started']));- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() {
prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times
execute('action1');
release('action1');
}
Compliant Solution
ACTION_1 = 'action1';
function run() {
prepare(ACTION_1);
execute(ACTION_1);
release(ACTION_1);
}
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Rename "$db" which has the same name as the field declared at line 16. Open
$db = plugin_load('helper', 'issuelinks_db');- Read upRead up
- Exclude checks
Shadowing fields with a local variable is a bad practice that reduces code readability: it makes it confusing to know whether the field or the variable is being used.
Noncompliant Code Example
class Foo {
public $myField;
public function doSomething() {
$myField = 0;
...
}
}
See
- CERT, DCL51-J. - Do not shadow or obscure identifiers in subscopes
Call to undeclared function \dbglog() Open
dbglog($e->getResponseBody());- Exclude checks
Call to undeclared function \auth_quickaclcheck() Open
if (auth_quickaclcheck($page['page']) >= AUTH_READ) {- Exclude checks
Call to undeclared function \io_readFile() Open
$lockData = json_decode(io_readFile($lockFN), true);- Exclude checks
Call to method getRevisionInfo from undeclared class \PageChangelog Open
$revision = $changelog->getRevisionInfo($page['rev']);- Exclude checks
Call to undeclared function \dbglog() Open
dbglog($e->getUrl());- Exclude checks
Call to undeclared function \io_readFile() Open
$lockData = json_decode(io_readFile($lockFN), true);- Exclude checks
Reference to undeclared constant \AUTH_READ Open
if (auth_quickaclcheck($page['page']) >= AUTH_READ) {- Exclude checks
Call to undeclared method \helper_plugin_issuelinks_data::loadHelper Open
$this->db = $this->loadHelper('issuelinks_db');- Exclude checks
Call to undeclared function \dbglog() Open
dbglog('issuelinks: stale lock timeout');- Exclude checks
Call to undeclared function \io_readFile() Open
return json_decode(io_readFile($lockFN), true);- Exclude checks
Call to method __construct from undeclared class \PageChangelog Open
$changelog = new PageChangelog($page['page']);- Exclude checks
Call to undeclared function \dbglog() Open
dbglog(- Exclude checks
Call to undeclared function \dbglog() Open
dbglog($e->getHttpError());- Exclude checks
Call to undeclared function \dbglog() Open
dbglog($e->getMessage());- Exclude checks
Class extends undeclared class \DokuWiki_Plugin Open
class helper_plugin_issuelinks_data extends DokuWiki_Plugin- Exclude checks
Call to undeclared function \dbglog() Open
dbglog('start import. $lockfileKey: ' . $lockfileKey);- Exclude checks
Call to undeclared function \io_saveFile() Open
io_saveFile($lockFN, json_encode($lockData));- Exclude checks
Call to undeclared function \dbglog() Open
dbglog('lock import: ' . $jsonData, __FILE__ . ': ' . __LINE__);- Exclude checks
Call to undeclared function \dbglog() Open
dbglog($serviceClass);- Exclude checks
Call to undeclared function \io_saveFile() Open
io_saveFile($lock, $jsonData);- Exclude checks
Call to undeclared function \io_readFile() Open
$lockData = json_decode(io_readFile($lockFN), true);- Exclude checks
Call to undeclared function \plugin_load() Open
$db = plugin_load('helper', 'issuelinks_db');- Exclude checks
Call to undeclared function \dbglog() Open
dbglog($services);- Exclude checks
Call to undeclared function \dbglog() Open
dbglog($serviceName);- Exclude checks
Call to undeclared function \dbglog() Open
dbglog($e->getCode());- Exclude checks
Each class must be in a namespace of at least one level (a top-level vendor name) Open
class helper_plugin_issuelinks_data extends DokuWiki_Plugin- Exclude checks
Avoid variables with short names like $db. Configured minimum length is 3. Open
$db = plugin_load('helper', 'issuelinks_db');- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}Source https://phpmd.org/rules/naming.html#shortvariable
Avoid variables with short names like $id. Configured minimum length is 3. Open
public function unlockImport($id)- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}Source https://phpmd.org/rules/naming.html#shortvariable
The class helper_plugin_issuelinks_data is not named in CamelCase. Open
class helper_plugin_issuelinks_data extends DokuWiki_Plugin
{
/** @var helper_plugin_issuelinks_db */
private $db = null;- Read upRead up
- Exclude checks
CamelCaseClassName
Since: 0.2
It is considered best practice to use the CamelCase notation to name classes.
Example
class class_name {
}Source
Avoid variables with short names like $id. Configured minimum length is 3. Open
public function getLockContent($id)- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}Source https://phpmd.org/rules/naming.html#shortvariable
Avoid variables with short names like $id. Configured minimum length is 3. Open
public function lockImport($id, $jsonData)- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}Source https://phpmd.org/rules/naming.html#shortvariable
Avoid variables with short names like $db. Configured minimum length is 3. Open
private $db = null;- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}Source https://phpmd.org/rules/naming.html#shortvariable
Avoid variables with short names like $id. Configured minimum length is 3. Open
public function isImportLocked($id)- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}Source https://phpmd.org/rules/naming.html#shortvariable
Avoid variables with short names like $id. Configured minimum length is 3. Open
public function isImportLockedByMe($id)- Read upRead up
- Exclude checks
ShortVariable
Since: 0.2
Detects when a field, local, or parameter has a very short name.
Example
class Something {
private $q = 15; // VIOLATION - Field
public static function main( array $as ) { // VIOLATION - Formal
$r = 20 + $this->q; // VIOLATION - Local
for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
$r += $this->q;
}
}
}Source https://phpmd.org/rules/naming.html#shortvariable
Class name "helper_plugin_issuelinks_data" is not in camel caps format Open
class helper_plugin_issuelinks_data extends DokuWiki_Plugin- Exclude checks
The variable $INPUT is not named in camelCase. Open
public function isImportLockedByMe($id)
{
if (!$this->isImportLocked($id)) {
return false;
}- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}Source
The variable $INPUT is not named in camelCase. Open
public function isImportLockedByMe($id)
{
if (!$this->isImportLocked($id)) {
return false;
}- Read upRead up
- Exclude checks
CamelCaseVariableName
Since: 0.2
It is considered best practice to use the camelCase notation to name variables.
Example
class ClassName {
public function doSomething() {
$data_module = new DataModule();
}
}