NonceVerificationSniff
extends Sniff
in package
uses
SanitizationHelperTrait
Checks that nonce verification accompanies form processing.
Table of Contents
Properties
- $customNonceVerificationFunctions : array<string|int, string>
- Custom list of functions which verify nonces.
- $phpcsFile : File
- The current file being sniffed.
- $superglobals : array<string|int, mixed>
- Superglobals to notify about when not accompanied by a nonce check.
- $tokens : array<string|int, mixed>
- The list of tokens in the current file being sniffed.
- $addedCustomNonceFunctions : array<string|int, mixed>
- Cache of previously added custom functions.
- $cached_results : array<string, mixed>
- Information on all the scopes that were checked to find a nonce verification in a particular file.
- $nonceVerificationFunctions : array<string|int, mixed>
- List of the functions which verify nonces.
Methods
- process() : int|void
- Set sniff properties and hand off to child class for processing of the token.
- process_token() : int|void
- Processes this test, when one of its tokens is encountered.
- register() : array<string|int, mixed>
- Returns an array of tokens this test wants to listen for.
- mergeFunctionLists() : void
- Merge custom functions provided via a custom ruleset with the defaults, if we haven't already.
- needs_nonce_check() : string|false
- Determine whether or not a nonce check is needed for the current superglobal.
- get_cache() : array<string, mixed>
- Helper function to retrieve results from the cache.
- has_nonce_check() : bool
- Check if this token has an associated nonce check.
- set_cache() : void
- Helper function to store results to the cache.
Properties
$customNonceVerificationFunctions
Custom list of functions which verify nonces.
public
array<string|int, string>
$customNonceVerificationFunctions
= array()
$phpcsFile
The current file being sniffed.
protected
File
$phpcsFile
$superglobals
Superglobals to notify about when not accompanied by a nonce check.
protected
array<string|int, mixed>
$superglobals
= array('$_POST' => true, '$_FILES' => true, '$_GET' => false, '$_REQUEST' => false)
A value of true results in an error. A value of false in a warning.
$tokens
The list of tokens in the current file being sniffed.
protected
array<string|int, mixed>
$tokens
$addedCustomNonceFunctions
Cache of previously added custom functions.
private
array<string|int, mixed>
$addedCustomNonceFunctions
= array()
Prevents having to do the same merges over and over again.
$cached_results
Information on all the scopes that were checked to find a nonce verification in a particular file.
private
array<string, mixed>
$cached_results
The array will be in the following format:
array(
    'file'  => (string) The name of the file.
    'cache' => (array) array(
        # => array( The key is the token pointer to the "start" position.
            'end'   => (int) The token pointer to the "end" position.
            'nonce' => (int|bool) The token pointer where a nonce check
                       was found, or false if none was found.
        )
    )
)
$nonceVerificationFunctions
List of the functions which verify nonces.
private
array<string|int, mixed>
$nonceVerificationFunctions
= array('wp_verify_nonce' => true, 'check_admin_referer' => true, 'check_ajax_referer' => true)
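To make the two properties above concrete, here is an added example (not code from the sniff or from WordPress Coding Standards) showing the kind of form handler the sniff reports and the same handler rewritten so that it passes. Plugin, option, action and function names prefixed with `myplugin_` are hypothetical; the WordPress functions called (`check_admin_referer`, `wp_verify_nonce`, `wp_nonce_field`, `update_option`, `wp_send_json_error`) are real core APIs, and the first two are the defaults listed in `$nonceVerificationFunctions`.

```php
<?php
// Added example, not part of the sniff's own code. All myplugin_* names are
// hypothetical; the WordPress core functions are real.

/**
 * Reported by the sniff: superglobals are read with no nonce verification
 * call in the same scope. $_POST is mapped to true in $superglobals, so that
 * read is an error; $_GET is mapped to false, so that read is only a warning.
 */
function myplugin_save_settings_unverified() {
	if ( isset( $_POST['myplugin_color'] ) ) {
		update_option( 'myplugin_color', sanitize_text_field( wp_unslash( $_POST['myplugin_color'] ) ) );
	}
	if ( isset( $_GET['myplugin_tab'] ) ) {
		$tab = sanitize_key( $_GET['myplugin_tab'] );
	}
}

/**
 * Passes: check_admin_referer() is in the default nonce function list and is
 * called before any superglobal is read. It calls wp_die() on failure, so the
 * option update below never runs for a request that lacks a valid nonce.
 */
function myplugin_save_settings_verified() {
	check_admin_referer( 'myplugin_save_settings', 'myplugin_nonce' );

	if ( isset( $_POST['myplugin_color'] ) ) {
		update_option( 'myplugin_color', sanitize_text_field( wp_unslash( $_POST['myplugin_color'] ) ) );
	}
}

/**
 * Passes: wp_verify_nonce() returns a bool instead of dying, so the caller
 * chooses the failure response. The nonce value itself has to be read from a
 * superglobal before it can be checked; the sniff's $allow_nonce_after
 * parameter exists for positions like that, where the verification call
 * legitimately follows the read it protects.
 */
function myplugin_handle_ajax_verified() {
	$nonce = isset( $_POST['myplugin_nonce'] ) ? sanitize_text_field( wp_unslash( $_POST['myplugin_nonce'] ) ) : '';
	if ( ! wp_verify_nonce( $nonce, 'myplugin_ajax' ) ) {
		wp_send_json_error( 'Invalid nonce', 403 );
	}
	$color = isset( $_POST['myplugin_color'] ) ? sanitize_text_field( wp_unslash( $_POST['myplugin_color'] ) ) : '';
	update_option( 'myplugin_color', $color );
	wp_send_json_success();
}

/**
 * The form side: wp_nonce_field() emits the hidden field that
 * check_admin_referer( 'myplugin_save_settings', 'myplugin_nonce' ) expects.
 */
function myplugin_settings_form() {
	echo '<form method="post">';
	wp_nonce_field( 'myplugin_save_settings', 'myplugin_nonce' );
	echo '<input type="text" name="myplugin_color" value="' . esc_attr( get_option( 'myplugin_color', '' ) ) . '">';
	submit_button();
	echo '</form>';
}
```

A project that wraps verification in its own helper (for example a method that calls `wp_verify_nonce()` internally) would otherwise be reported on every handler; that is what the public `$customNonceVerificationFunctions` property is for, and `mergeFunctionLists()` folds those names into the default list once per run.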
Methods
process()
Set sniff properties and hand off to child class for processing of the token.
public
process(File $phpcsFile, int $stackPtr) : int|void
Parameters
- $phpcsFile : File
  The file being scanned.
- $stackPtr : int
  The position of the current token in the stack passed in $tokens.
Return values
int|void — Integer stack pointer to skip forward or void to continue normal file processing.
process_token()
Processes this test, when one of its tokens is encountered.
public
process_token(int $stackPtr) : int|void
Parameters
- $stackPtr : int
  The position of the current token in the stack.
Return values
int|void — Integer stack pointer to skip forward or void to continue normal file processing.
register()
Returns an array of tokens this test wants to listen for.
public
register() : array<string|int, mixed>
Return values
array<string|int, mixed>
mergeFunctionLists()
Merge custom functions provided via a custom ruleset with the defaults, if we haven't already.
protected
mergeFunctionLists() : void
needs_nonce_check()
Determine whether or not a nonce check is needed for the current superglobal.
protected
needs_nonce_check(int $stackPtr, array<string|int, mixed> $cache_keys) : string|false
Parameters
- $stackPtr : int
  The position of the current token in the stack of tokens.
- $cache_keys : array<string|int, mixed>
  The keys for the applicable cache (to potentially set).
Return values
string|false — String "before" or "after" if a nonce check is needed. FALSE when no nonce check is needed.
get_cache()
Helper function to retrieve results from the cache.
private
get_cache(string $filename, int $start) : array<string, mixed>
Parameters
- $filename : string
  The name of the current file.
- $start : int
  The stack pointer the search started from.
Return values
array<string, mixed>
has_nonce_check()
Check if this token has an associated nonce check.
private
has_nonce_check(int $stackPtr, array<string|int, mixed> $cache_keys[, bool $allow_nonce_after = false ]) : bool
Parameters
- $stackPtr : int
  The position of the current token in the stack of tokens.
- $cache_keys : array<string|int, mixed>
  The keys for the applicable cache.
- $allow_nonce_after : bool = false
  Whether the nonce check must be before the $stackPtr or is allowed after the $stackPtr.
Return values
bool
set_cache()
Helper function to store results to the cache.
private
set_cache(string $filename, int $start, int $end, int|bool $nonce) : void
Parameters
- $filename : string
  The name of the current file.
- $start : int
  The stack pointer the search started from.
- $end : int
  The stack pointer the search stopped at.
- $nonce : int|bool
  Stack pointer to the nonce verification function call, or false if none was found.