<?php
/**
* WordPressVIPMinimum Coding Standard.
*
* @package VIPCS\WordPressVIPMinimum
* @link https://github.com/Automattic/VIP-Coding-Standards
* @license https://opensource.org/license/gpl-2-0 GPL-2.0
*/
namespace WordPressVIPMinimum\Sniffs\Security;
use PHP_CodeSniffer\Util\Tokens;
use WordPressVIPMinimum\Sniffs\Sniff;
/**
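* Require `exit;` to be called after `wp_redirect()` and `wp_safe_redirect()`.
*
* Neither function stops the script, so without an `exit;` the code after the
* redirect still runs for a client that was meant to be sent elsewhere.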
*/
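class ExitAfterRedirectSniff extends Sniff {

	/**
	 * Returns an array of tokens this test wants to listen for.
	 *
	 * Only T_STRING is registered; process_token() then filters on the token text.
	 *
	 * @return array<int|string>
	 */
	public function register() {
		return [ T_STRING ];
	}

	/**
	 * Process this test when one of its tokens is encountered.
	 *
	 * Reports an error when a `wp_redirect()` / `wp_safe_redirect()` call is not
	 * followed by `exit`. Two layouts are recognised:
	 *
	 * - The first token after the call (skipping whitespace/comments, `;` and `)`)
	 *   is `exit`: nothing is reported.
	 * - That token is an opening curly brace, i.e. the call is used as a condition:
	 *   the braced scope must contain an `exit` token somewhere, otherwise
	 *   `NoExitInConditional` is reported. Any `exit` inside the scope is accepted,
	 *   including one nested in a deeper block.
	 *
	 * Everything else is reported as `NoExit`.
	 *
	 * `$this->tokens` and `$this->phpcsFile` are not set in this class; presumably
	 * the parent Sniff populates them before this method runs.
	 *
	 * @param int $stackPtr The position of the current token in the stack passed in $tokens.
	 *
	 * @return void
	 */
	public function process_token( $stackPtr ) {
		$function_name = $this->tokens[ $stackPtr ]['content'];

		// NOTE(review): this is an exact, case-sensitive comparison and the token
		// before the name is not inspected. Differently-cased calls are therefore
		// not reported, while a method call or declaration with the same name is
		// handled like the global function. Confirm that this is intended.
		if ( $function_name !== 'wp_redirect' && $function_name !== 'wp_safe_redirect' ) {
			return;
		}

		$openBracket = $this->phpcsFile->findNext( Tokens::$emptyTokens, $stackPtr + 1, null, true );
		if ( $openBracket === false || $this->tokens[ $openBracket ]['code'] !== T_OPEN_PARENTHESIS ) {
			// Not a call: the name is not followed by an opening parenthesis.
			return;
		}

		if ( isset( $this->tokens[ $openBracket ]['parenthesis_closer'] ) === false ) {
			// Unclosed call (live coding or parse error): there is no reliable
			// "token after the call" to inspect, so bail out instead of reading
			// an undefined index.
			return;
		}

		$message = '`%s()` should almost always be followed by a call to `exit;`.';
		$data    = [ $function_name ];

		// Skip whitespace/comments plus the `;` ending the statement and any `)`
		// closing an enclosing condition, to reach the first meaningful token.
		$next_token = $this->phpcsFile->findNext(
			array_merge( Tokens::$emptyTokens, [ T_SEMICOLON, T_CLOSE_PARENTHESIS ] ),
			$this->tokens[ $openBracket ]['parenthesis_closer'] + 1,
			null,
			true
		);

		if ( $next_token === false ) {
			// The redirect is the last meaningful code in the file, so no `exit` follows it.
			$this->phpcsFile->addError( $message, $stackPtr, 'NoExit', $data );
			return;
		}

		if ( $this->tokens[ $next_token ]['code'] === T_OPEN_CURLY_BRACKET ) {
			$is_exit_in_scope = false;

			// A curly brace that does not open a scope has no scope indexes; in
			// that case no `exit` can be confirmed and the error below is raised.
			if ( isset( $this->tokens[ $next_token ]['scope_opener'], $this->tokens[ $next_token ]['scope_closer'] ) ) {
				$scope_end = $this->tokens[ $next_token ]['scope_closer'];
				for ( $i = $this->tokens[ $next_token ]['scope_opener']; $i <= $scope_end; $i++ ) {
					if ( $this->tokens[ $i ]['code'] === T_EXIT ) {
						$is_exit_in_scope = true;
						break; // One `exit` is enough; no need to scan the rest.
					}
				}
			}

			if ( $is_exit_in_scope === false ) {
				$this->phpcsFile->addError( $message, $stackPtr, 'NoExitInConditional', $data );
			}
		} elseif ( $this->tokens[ $next_token ]['code'] !== T_EXIT ) {
			$this->phpcsFile->addError( $message, $stackPtr, 'NoExit', $data );
		}
	}
}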