search

TysonAndre / phan

Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
Other
0 stars 0 forks source link

[WIP] Detect missing path passed to require/include{,_once} #200

Closed TysonAndre closed 5 years ago

TysonAndre commented 5 years ago

And check that eval is passed any string

TODO: Finish documenting this, add configuration options such as relative directories that would be used (relative or project paths).

Ideas: use an array

[
    ['cwd'],
    ['project', 'vendor/a/b/lib/functions'],
    ['absolute', '/usr/local/php-include-path']
]