FloeDesignTechnologies / phpcs-security-audit

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
GNU General Public License v3.0

BadFunctions/NoEvals: add unit tests + minor fix #73

Open jrfnl opened 4 years ago

jrfnl commented 4 years ago

Related to #57, follow up on #70, this PR adds unit tests for the Security.BadFunctions.NoEvals sniff.

Commit Summary

BadFunctions/NoEvals: add unit tests

BadFunctions/NoEvals: error message precision

eval() is a language construct, not a function.

Ref: https://www.php.net/manual/en/function.eval.php

BadFunctions/NoEvals: remove redundant function call

$tokens is not used, so no need to declare it.
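The point made in the second commit message, that `eval()` is a language construct rather than a function, matters for detection: the tokenizer emits a dedicated `T_EVAL` token, so a check can match it without being confused by comments or strings. The following is an added example, not code from this PR or from phpcs-security-audit; `find_evals()` is a hypothetical helper and `$sample` is constructed input.

```php
<?php
// Added illustration; find_evals() is a hypothetical helper, not the sniff's code.

/**
 * Return the line numbers on which the eval language construct appears.
 * Matching the T_EVAL token ignores the word "eval" in comments and strings.
 */
function find_evals(string $source): array
{
    $lines = [];
    foreach (token_get_all($source) as $token) {
        // Single-character tokens are plain strings; only arrays carry an id and a line.
        if (is_array($token) && $token[0] === T_EVAL) {
            $lines[] = $token[2];
        }
    }
    return $lines;
}

// Constructed sample source, held in a nowdoc so nothing in it is executed.
$sample = <<<'SRC'
<?php
// eval($a) inside a comment is not code
$msg = 'eval($b) inside a string is not code';
eval($userInput);
EVAL ($userInput);
$len = strlen($userInput);
SRC;

// Lines of the sample that use the construct (keywords are case-insensitive).
print_r(find_evals($sample));

// eval is not in the function table, unlike a real function such as strlen.
var_dump(function_exists('eval'));
var_dump(function_exists('strlen'));
```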

jrfnl commented 4 years ago

Anything I can do to move this PR forward?