-
Notifications
You must be signed in to change notification settings - Fork 31
Checks [审查规则]
默认的配置文件是 config/default.cfg.xml
你可以通过创建一个新的配置文件并且注释某些验证规则或者给某些验证规则取消注释来实现特定的编码规范.
对于某些代码审查,你可以列出一些你不希望使用的规则的例外(exception).
你也可以通过给xml配置文件添加“level”属性来控制每个审查的报警级别(error 错误, warning 警告, info 通知).
如下是依据default配置文件得到的可以使用的验证规则.
对于php系统的内置函数不做命名规范的检查,默认包含这些方法
- __construct
- __destruct
- __call
- __get
- __set
- __isset
- __unset
- __sleep
- __wakeup
- __toString
- __clone
- __autoload
- __invoke
- __callStatic
对于php系统内置的全局变量也不做命名规范检查,包括这些变量 $this $_GET $_POST $_FILES $_COOKIE $_SESSION $_ENV $_SERVER $_REQUEST $HTTP_GET_VARS $HTTP_POST_VARS $HTTP_SERVER_VARS $HTTP_ENV_VARS $HTTP_SESSION_VARS
检查常量是否符合命名规范.常量命名只能包含大写字母和下划线及数字,而且必须以大写字母开头. 可以通过修改正则来控制验证条件
检查变量是否符合命名规范。 变量命名应该以小写字母或者下划线开头并且只包含字母、数字和下划线
如果你想更精确的检查,可以通过下面这些来进行区分:
- topLevelVariableNaming : 顶级变量命名
- localVariableNaming : 局部变量命名(在类中)
- memberVariableNaming : 成员变量命名 (在方法或函数中)
检查函数的命名是否符合命名规范 函数的名字一定要以小写字母开头(匹配规则是通过一个正则来自定义的,可以修改正则表达式更新验证规则) 特殊的函数比如“__construct”不会被检查
激活保护方法的命名规范检测。验证规则同函数
激活私有方法的命名规范检测。 私有方法应该以一个下划线紧跟一个小写字母开头,匹配规则可以自定义
检查构造函数的命名规范。(通过设置value的值为new或old来选择) old————函数的名字与类名保持一致 new————“__construct()”
检查类的命是否符合命名规范。 类的命名必须以大写字母开始。
检查接口的命名规范。 接口命名规范与类相同
检查php文件名是否符合命名规范。 必须以字母开头,且只能包含字母、数字、下划线(_)、和点(.)
长度限制条件:length>=2 && lenght <=30。以下4个变量是例外:i,j,k(用于循环),e(用于异常$e)
必须使用"<?php"来开始一段php代码,短标签或者其他任何形式都不允许
Test if a PHP closing file is present at the end of a file (which is not recommended)
Test if a file finish with some inner HTML. This could be OK for some files likes view (in a MVC framework) but could provoque a "header already sent" error in some cases.
Check the the PHP tags are always at the beginning of a line.
Tests and reports and error if there is a shell/perl style comment (that starts with '#').
Tests that every function and class is immediately preceded by a docblock. A property "excludePrivateMembers" can be set if you want to disable docblocks for private member functions. If the docBlocks contains "@inheritdoc" then all the checks are disabled. You can also disable the check for some functions by using an exception with the name of the function.
- Property excludePrivateMembers (true / false)
- Property testReturn (true / false)
- Property testParam (true / false)
- Property testThrow (true / false)
Check for the presence of a mandatory header at the beginning of each file.
/**
* Header : Copyright notice ...
*/Check the indentation type. If spaces are expected, checks that a line does not contain the tab character and that the number of spaces is correct. If tabs are expected, checks that the line contains no spaces.
Tests to make sure that every control structure is included within a {} block, even if it is syntactically optional.
Tests for the location of the open curly bracket for a control structure. Default position is the same line where control statement ends. It can be overridden to position it on a new line by setting the property "position" to "nl".
- Property position (sl/nl)
Example: open curly bracket on the same line:
if ($ret === false) {
// statements
}Same example, if the open curly bracket was supposed to be on the new line:
if ($ret === false)
{
// statements
}Checks the position of the close curly brace (Should always be on a new line).
This is similar to "controlStructOpenCurly" explained above. Except that this is for function definition and the default value of "position" is new line ("nl").
- Property position (sl/nl)
Checks the position of the else after the end of the if statement.
- Property position (sl/nl)
Same line :
if ($ret === false) {
// statements
} else {
}New line :
if ($ret === false) {
// statements
}
else {
}Defines the prefered style for quotes ("single" or "double").
Tests that the control statements ("if", "else", "while", "for", etc.) are followed by a space before the opening parenthesis. PEAR standard stipulates this to distinguish it from function calls.
Check that there is no space after a function name in a function call.
heck for the (required) presence of a white space after some tokens (like ,).
- A list of exceptions can be defined for this test.
Check for the (required) presence of a white space before some tokens.
- A list of exceptions can be defined for this test.
Check that there is no space before before some tokens.
- A list of exceptions can be defined for this test.
Check that there is no space after some tokens.
- A list of exceptions can be defined for this test.
Tests for long lines (except for comments) and reports error if a line exceeds the value of "maxLineLength" property.
- Proprety maxLineLength (default = 80).
Checks that the lenght (in lines) of a function doesn't pass the max value.
- Proprety maxLength (default = 150).
Checks for excessive parameters in a function declaration.
- Proprety maxParameters(default = 4).
Calculates a simple cyclomatic complexity value for the functions. The level of complexity that raise a warning or an error can be defined. See Cyclomatic Complexity
- Proprety warningLevel (default = 10).
- Proprety errorLevel(default = 20).
Calculates the NPath complexity (see NPath complexity explained).
- Proprety warningLevel (default = 100).
- Proprety errorLevel(default = 200).
Checks for prohibited functions. List the functions that are forbidden in a project for safety reasons (like for example "exec"). See the list of PHP functions here
Checks for prohibited tokens. List the PHP tokens that are forbidden. See the list of PHP tokens here
Tests that all the arguments of a function with default values are placed at the end of the list of arguments.
Checks for silenced function calls.
- A list of exceptions can be defined for this test.
Checks for encapsed variables inside a String like "$a".
Checks for functions have some passed by reference parameters.
Extracts the TODO from the comments and add them in the report.
Tests for the presence of boolean operators (AND or OR) and recommend to replace them with boolean operators (&& or ||).
Check empty block like if ($a) {}
- A list of exceptions can be defined for this test.
Check empty statement ( ;; )
Check for the presence of heredoc.
Check for braces around code blocs (if, else, elseif, do, while, for, foreach).
Switch need a default value.
Switch case should have a break.
Switch default value should be at the end.
Avoid using unary operators (++) inside a control statement. With the exception of for iterators, all variable incrementation or decrementation should occur in their own toplevel statement to increase readability.
- A list of exceptions can be defined for this test.
With inner assignments it is difficult to see all places where a variable is set. With the exception of for iterators, all assignments should occur in their own toplevel statement to increase readability.
- A list of exceptions can be defined for this test.
Check that there is only one class declaration per PHP file.
Avoid using variable variables (like $$a).
$this cannot be used inside a static function.
Detect unused private functions (detecting unused public ones is more difficult).
Detect unused variables. This one is a bit experimental and can generate false positives (variables declared in one class and used in another one for example).
Detect unused function parameters. If the docBlocks of the function contains "@inheritdoc" then this check is disabled.
Detect unused code (after return or throw).
Example:
function foo {
// do something
return;
// do something else
}Avoid using a count/sizeof function inside a loop.
Example:
while ($a < count($b)) {
// do something
}Check for deprecated methods in PHP and propose some replacement.
Example:
split($a);- Function split is deprecated since PHP 5.3, use explode($pattern, $string) or preg_split('@'.$pattern.'@', $string) instead
Check for the presence of comparison operators that should be replaced by strict comparisons.
Example:
if ($a != '0')
// should be
if ($a !== '0')Check for methods that have been deprecated and are an alias of another method in PHP.
Example:
die;
// should be
exit()