Showing 1,091 of 1,093 total issues
Define a constant instead of duplicating this literal "wmeditor" 3 times. Open
if (isset($cookies['wmeditor'])) {
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Reduce the number of returns of this function 6, down to the maximum allowed 3. Open
public static function simplifyOffset($xOffset, $yOffset)
- Read upRead up
- Exclude checks
Having too many return statements in a function increases the function's essential complexity because the flow of execution is broken each time a return statement is encountered. This makes it harder to read and understand the logic of the function.
Noncompliant Code Example
With the default threshold of 3:
function myFunction(){ // Noncompliant as there are 4 return statements if (condition1) { return true; } else { if (condition2) { return false; } else { return true; } } return false; }
Rename "$editor" which has the same name as the field declared at line 22. Open
$editor = new Editor();
- Read upRead up
- Exclude checks
Shadowing fields with a local variable is a bad practice that reduces code readability: it makes it confusing to know whether the field or the variable is being used.
Noncompliant Code Example
class Foo { public $myField; public function doSomething() { $myField = 0; ... } }
See
- CERT, DCL51-J. - Do not shadow or obscure identifiers in subscopes
Remove this unused "$hostURL" private field. Open
private $hostURL = "/";
- Read upRead up
- Exclude checks
If a private
field is declared but not used in the program, it can be considered dead code and should therefore be removed. This will
improve maintainability because developers will not wonder what the variable is used for.
Noncompliant Code Example
class MyClass { private $foo = 4; //foo is unused public function compute($a) { return $a * 4; } }
Compliant Solution
class MyClass { public function compute($a) { return $a * 4; } }
See
- CERT, MSC12-CPP. - Detect and remove code that has no effect
Define a constant instead of duplicating this literal "result" 4 times. Open
$data = array("result" => "OK");
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Define a constant instead of duplicating this literal "selected" 4 times. Open
array("selected", "jsname", true), // optional
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Define a constant instead of duplicating this literal "working" 32 times. Open
"working" => true,
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Define a constant instead of duplicating this literal "false" 15 times. Open
header("Location: " . $this->makeURL(array("action" => "groupadmin", "header" => "false")));
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Define a constant instead of duplicating this literal "param2" 3 times. Open
array("param2", "name"),
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
This function "weathermap_draw_navigation_text" has 234 lines, which is greater than the 150 lines authorized. Split it into smaller functions. Open
function weathermap_draw_navigation_text($nav)
- Read upRead up
- Exclude checks
A function that grows too large tends to aggregate too many responsibilities.
Such functions inevitably become harder to understand and therefore harder to maintain.
Above a specific threshold, it is strongly advised to refactor into smaller functions which focus on well-defined tasks.
Those smaller functions will not only be easier to understand, but also probably easier to test.
Define a constant instead of duplicating this literal "<td><a class="hyperLink" href="" times.></a></td> Open
print '<td><a class="hyperLink" href="' . $this->makeURL(
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Define a constant instead of duplicating this literal "%d Seconds" 3 times. Open
5 => __('%d Seconds', 5),
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Define a constant instead of duplicating this literal "standard" 3 times. Open
print __('standard');
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Class "MapManager" has 54 methods, which is greater than 20 authorized. Split it into smaller classes. Open
class MapManager
- Read upRead up
- Exclude checks
A class that grows too much tends to aggregate too many responsibilities and inevitably becomes harder to understand and therefore to maintain. Above a specific threshold, it is strongly advised to refactor the class into smaller ones which focus on well defined topics.
Define and throw a dedicated exception instead of using a generic one. Open
throw new \Exception("Path mismatch - $fileDirectory != " . $this->configDirectory);
- Read upRead up
- Exclude checks
If you throw a general exception type, such as ErrorException, RuntimeException, or Exception in a library or framework, it forces consumers to catch all exceptions, including unknown exceptions that they do not know how to handle.
Instead, either throw a subtype that already exists in the Standard PHP Library, or create your own type that derives from Exception.
Noncompliant Code Example
throw new Exception(); // Noncompliant
Compliant Solution
throw new InvalidArgumentException(); // or throw new UnexpectedValueException();
See
- MITRE, CWE-397 - Declaration of Throws for Generic Exception
- CERT, ERR07-J. - Do not throw RuntimeException, Exception, or Throwable
Add a "case default" clause to this "switch" statement. Open
switch ($this->iconfile) {
- Read upRead up
- Exclude checks
The requirement for a final case default
clause is defensive programming. The clause should either take appropriate action, or contain
a suitable comment as to why no action is taken. Even when the switch
covers all current values of an enum
, a default case
should still be used because there is no guarantee that the enum
won't be extended.
Noncompliant Code Example
switch ($param) { //missing default clause case 0: do_something(); break; case 1: do_something_else(); break; } switch ($param) { default: // default clause should be the last one error(); break; case 0: do_something(); break; case 1: do_something_else(); break; }
Compliant Solution
switch ($param) { case 0: do_something(); break; case 1: do_something_else(); break; default: error(); break; }
See
- MISRA C:2004, 15.0 - The MISRA C switch syntax shall be used.
- MISRA C:2004, 15.3 - The final clause of a switch statement shall be the default clause
- MISRA C++:2008, 6-4-3 - A switch statement shall be a well-formed switch statement.
- MISRA C++:2008, 6-4-6 - The final clause of a switch statement shall be the default-clause
- MISRA C:2012, 16.1 - All switch statements shall be well-formed
- MISRA C:2012, 16.4 - Every switch statement shall have a default label
- MISRA C:2012, 16.5 - A default label shall appear as either the first or the last switch label of a switch statement
- MITRE, CWE-478 - Missing Default Case in Switch Statement
- CERT, MSC01-C. - Strive for logical completeness
- CERT, MSC01-CPP. - Strive for logical completeness
Define a constant instead of duplicating this literal "mapid" 17 times. Open
if (isset($request['mapid']) && is_numeric($request['mapid'])) {
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Remove the unused function parameter "$matches". Open
private function handleCOLOR($fullcommand, $args, $matches)
- Read upRead up
- Exclude checks
Unused parameters are misleading. Whatever the value passed to such parameters is, the behavior will be the same.
Noncompliant Code Example
function doSomething($a, $b) { // "$a" is unused return compute($b); }
Compliant Solution
function doSomething($b) { return compute($b); }
Exceptions
Functions in classes that override a class or implement interfaces are ignored.
class C extends B { function doSomething($a, $b) { // no issue reported on $b compute($a); } }
See
- MISRA C++:2008, 0-1-11 - There shall be no unused parameters (named or unnamed) in nonvirtual functions.
- MISRA C:2012, 2.7 - There should be no unused parameters in functions
- CERT, MSC12-C. - Detect and remove code that has no effect or is never executed
- CERT, MSC12-CPP. - Detect and remove code that has no effect
Define a constant instead of duplicating this literal "rra_path" 4 times. Open
$tpl->set("rra_path", json_encode($config['rra_path']));
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Remove the unused function parameter "$fullcommand". Open
private function handleSCALE($fullcommand, $args, $matches)
- Read upRead up
- Exclude checks
Unused parameters are misleading. Whatever the value passed to such parameters is, the behavior will be the same.
Noncompliant Code Example
function doSomething($a, $b) { // "$a" is unused return compute($b); }
Compliant Solution
function doSomething($b) { return compute($b); }
Exceptions
Functions in classes that override a class or implement interfaces are ignored.
class C extends B { function doSomething($a, $b) { // no issue reported on $b compute($a); } }
See
- MISRA C++:2008, 0-1-11 - There shall be no unused parameters (named or unnamed) in nonvirtual functions.
- MISRA C:2012, 2.7 - There should be no unused parameters in functions
- CERT, MSC12-C. - Detect and remove code that has no effect or is never executed
- CERT, MSC12-CPP. - Detect and remove code that has no effect