Documentation

IniSetSniff extends AbstractFunctionParameterSniff
in package

FinalYes

Detect use of the `ini_set()` function.

  • Won't throw notices for "safe" ini directives as listed in the safe-list.
  • Throws errors for ini directives listed in the disallow-list.
  • A warning will be thrown in all other cases.
Tags
since
2.1.0

Table of Contents

Properties

$exclude  : array<string|int, mixed>
Exclude groups.
$unittest_groups  : array<string|int, mixed>
Groups of function data to check against.
$disallowed_options  : array<string|int, mixed>
Array of PHP configuration options that are not allowed to be manipulated, as changing the value of these, will be problematic for interoperability between WP/plugins/themes.
$excluded_groups  : array<string|int, mixed>
Cache for the excluded groups information.
$group_name  : string
The group name for this group of functions.
$groups  : array<string|int, mixed>
Cache for the group information.
$phpcsFile  : File
The current file being sniffed.
$regex_pattern  : string
Regex pattern with placeholder for the function names.
$safe_options  : array<string|int, mixed>
Array of PHP configuration options that are safe to be manipulated, as changing the value of these, won't cause interoperability issues between WP/plugins/themes.
$target_functions  : array<string|int, mixed>
Array of functions that must be checked.
$tokens  : array<string|int, mixed>
The list of tokens in the current file being sniffed.

Methods

check_for_matches()  : int|void
Verify if the current token is one of the targetted functions.
getGroups()  : array<string|int, mixed>
Groups of functions to restrict.
is_targetted_token()  : bool
Verify is the current token is a function call.
process()  : int|void
Set sniff properties and hand off to child class for processing of the token.
process_matched_token()  : int|void
Process a matched token.
process_no_parameters()  : int|void
Process the function if no parameters were found.
process_parameters()  : void
Process the parameter of a matched function.
process_token()  : int|void
Processes this test, when one of its tokens is encountered.
register()  : array<string|int, mixed>
Returns an array of tokens this test wants to listen for.
prepare_name_for_regex()  : string
Prepare the function name for use in a regular expression.
setup_groups()  : bool
Set up the regular expressions for each group.

Properties

$exclude

Exclude groups.

public array<string|int, mixed> $exclude = array()

Example: 'switch_to_blog,user_meta'

Tags
since
0.3.0
since
1.0.0

This property now expects to be passed an array. Previously a comma-delimited string was expected.

$unittest_groups

Groups of function data to check against.

public static array<string|int, mixed> $unittest_groups = array()

Don't use this in extended classes, override getGroups() instead. This is only used for Unit tests.

Tags
since
0.10.0

$disallowed_options

Array of PHP configuration options that are not allowed to be manipulated, as changing the value of these, will be problematic for interoperability between WP/plugins/themes.

protected array<string|int, mixed> $disallowed_options = array('bcmath.scale' => array('message' => 'Use `bcscale()` instead.'), 'display_errors' => array('message' => 'Use `WP_DEBUG_DISPLAY` instead.'), 'error_reporting' => array('message' => 'Use `WP_DEBUG` instead.'), 'filter.default' => array('message' => 'Changing the option value can break other plugins. Use the filter flag constants when calling the Filter functions instead.'), 'filter.default_flags' => array('message' => 'Changing the option value can break other plugins. Use the filter flag constants when calling the Filter functions instead.'), 'iconv.input_encoding' => array('message' => 'This option is not supported since PHP 5.6 - use `iconv_set_encoding()` instead.'), 'iconv.internal_encoding' => array('message' => 'This option is not supported since PHP 5.6 - use `iconv_set_encoding()` instead.'), 'iconv.output_encoding' => array('message' => 'This option is not supported since PHP 5.6 - use `iconv_set_encoding()` instead.'), 'ignore_user_abort' => array('message' => 'Use `ignore_user_abort()` instead.'), 'log_errors' => array('message' => 'Use `WP_DEBUG_LOG` instead.'), 'max_execution_time' => array('message' => 'Use `set_time_limit()` instead.'), 'memory_limit' => array('message' => 'Use `wp_raise_memory_limit()` or hook into the filters in that function.'), 'short_open_tag' => array('invalid_values' => array('false', '0', 'off'), 'message' => 'Turning off short_open_tag is prohibited as it can break other plugins.'))

Multidimensional array with parameter details. $disallowed_options = array( (string) option name. = array( (string[]) 'invalid_values' = array() (string) 'message' ) );

Tags
since
2.1.0
since
3.0.0

Renamed from $blacklisted_options to $disallowed_options.

$group_name

The group name for this group of functions.

protected string $group_name = 'restricted_parameters'

Intended to be overruled in the child class.

$phpcsFile

The current file being sniffed.

protected File $phpcsFile
Tags
since
0.4.0

$safe_options

Array of PHP configuration options that are safe to be manipulated, as changing the value of these, won't cause interoperability issues between WP/plugins/themes.

protected array<string|int, mixed> $safe_options = array('auto_detect_line_endings' => array(), 'highlight.bg' => array(), 'highlight.comment' => array(), 'highlight.default' => array(), 'highlight.html' => array(), 'highlight.keyword' => array(), 'highlight.string' => array(), 'short_open_tag' => array('valid_values' => array('true', '1', 'on')))

Multidimensional array with parameter details. $safe_options = array( (string) option name. = array( (string[]) 'valid_values' = array() ) );

Tags
since
2.1.0
since
3.0.0

Renamed from $whitelisted_options to $safe_options.

$target_functions

Array of functions that must be checked.

protected array<string|int, mixed> $target_functions = array('ini_set' => true, 'ini_alter' => true)

Multidimensional array with parameter details. $target_functions = array( (string) Function name. );

Tags
since
2.1.0

$tokens

The list of tokens in the current file being sniffed.

protected array<string|int, mixed> $tokens
Tags
since
0.4.0

Methods

check_for_matches()

Verify if the current token is one of the targetted functions.

public check_for_matches(int $stackPtr) : int|void
Parameters
$stackPtr : int

The position of the current token in the stack.

Tags
since
0.11.0

Split out from the process() method.

Return values
int|void

Integer stack pointer to skip forward or void to continue normal file processing.

getGroups()

Groups of functions to restrict.

public getGroups() : array<string|int, mixed>
Return values
array<string|int, mixed>

is_targetted_token()

Verify is the current token is a function call.

public is_targetted_token(int $stackPtr) : bool
Parameters
$stackPtr : int

The position of the current token in the stack.

Tags
since
0.11.0

Split out from the process() method.

Return values
bool

process()

Set sniff properties and hand off to child class for processing of the token.

public process(File $phpcsFile, int $stackPtr) : int|void
Parameters
$phpcsFile : File

The file being scanned.

$stackPtr : int

The position of the current token in the stack passed in $tokens.

Tags
since
0.11.0
Return values
int|void

Integer stack pointer to skip forward or void to continue normal file processing.

process_matched_token()

Process a matched token.

public process_matched_token(int $stackPtr, string $group_name, string $matched_content) : int|void
Parameters
$stackPtr : int

The position of the current token in the stack.

$group_name : string

The name of the group which was matched.

$matched_content : string

The token content (function name) which was matched in lowercase.

Return values
int|void

Integer stack pointer to skip forward or void to continue normal file processing.

process_no_parameters()

Process the function if no parameters were found.

public process_no_parameters(int $stackPtr, string $group_name, string $matched_content) : int|void

Defaults to doing nothing. Can be overloaded in child classes to handle functions were parameters are expected, but none found.

Parameters
$stackPtr : int

The position of the current token in the stack.

$group_name : string

The name of the group which was matched.

$matched_content : string

The token content (function name) which was matched in lowercase.

Return values
int|void

Integer stack pointer to skip forward or void to continue normal file processing.

process_parameters()

Process the parameter of a matched function.

public process_parameters(int $stackPtr, string $group_name, string $matched_content, array<string|int, mixed> $parameters) : void

Errors if an option is found in the disallow-list. Warns as 'risky' when the option is not found in the safe-list.

Parameters
$stackPtr : int

The position of the current token in the stack.

$group_name : string

The name of the group which was matched.

$matched_content : string

The token content (function name) which was matched in lowercase.

$parameters : array<string|int, mixed>

Array with information about the parameters.

Tags
since
2.1.0

process_token()

Processes this test, when one of its tokens is encountered.

public process_token(int $stackPtr) : int|void
Parameters
$stackPtr : int

The position of the current token in the stack.

Return values
int|void

Integer stack pointer to skip forward or void to continue normal file processing.

register()

Returns an array of tokens this test wants to listen for.

public register() : array<string|int, mixed>
Return values
array<string|int, mixed>

prepare_name_for_regex()

Prepare the function name for use in a regular expression.

protected prepare_name_for_regex(string $function_name) : string

The getGroups() method allows for providing function names with a wildcard * to target a group of functions. This prepare routine takes that into account while still safely escaping the function name for use in a regular expression.

Parameters
$function_name : string

Function name.

Tags
since
0.10.0
Return values
string

Regex escaped function name.

setup_groups()

Set up the regular expressions for each group.

protected setup_groups(string $key) : bool
Parameters
$key : string

The group array index key where the input for the regular expression can be found.

Tags
since
0.10.0
Return values
bool

True if the groups were setup. False if not.


        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results