From 557d190ee1849d62b5821d848565882bdc8e64a8 Mon Sep 17 00:00:00 2001 From: Abderrahmane IBNSEDDIK Date: Sat, 29 Dec 2018 22:44:34 +0000 Subject: [PATCH 1/2] Fix Issue #19 Correct the warning and error messages in CallBackFunctionsSniff --- Security/Sniffs/BadFunctions/CallbackFunctionsSniff.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Security/Sniffs/BadFunctions/CallbackFunctionsSniff.php b/Security/Sniffs/BadFunctions/CallbackFunctionsSniff.php index a9d5d05..70fdaf1 100644 --- a/Security/Sniffs/BadFunctions/CallbackFunctionsSniff.php +++ b/Security/Sniffs/BadFunctions/CallbackFunctionsSniff.php @@ -45,9 +45,9 @@ public function process(File $phpcsFile, $stackPtr) { $msg = 'Function ' . $tokens[$stackPtr]['content'] . '() that supports callback detected'; if ($s) { if ($utils::is_token_user_input($tokens[$s])) { - $phpcsFile->addError($msg . ' with parameter directly from user input', $stackPtr, 'ErrFringestuff'); + $phpcsFile->addError($msg . ' with parameter directly from user input', $stackPtr, 'ErrCallbackFunctions'); } else { - $phpcsFile->addWarning($msg, $stackPtr, 'WarnFringestuff'); + $phpcsFile->addWarning($msg, $stackPtr, 'WarnCallbackFunctions'); } } } From 5b7358eaddcdf5b79fc3c66773b233a6cb134b07 Mon Sep 17 00:00:00 2001 From: Abderrahmane IBNSEDDIK Date: Sat, 29 Dec 2018 22:50:24 +0000 Subject: [PATCH 2/2] Rename alert messages in SQLFunctionsSniff --- Security/Sniffs/BadFunctions/SQLFunctionsSniff.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Security/Sniffs/BadFunctions/SQLFunctionsSniff.php b/Security/Sniffs/BadFunctions/SQLFunctionsSniff.php index 47fe02b..01a49d9 100644 --- a/Security/Sniffs/BadFunctions/SQLFunctionsSniff.php +++ b/Security/Sniffs/BadFunctions/SQLFunctionsSniff.php @@ -38,9 +38,9 @@ public function process(File $phpcsFile, $stackPtr) { if ($s) { $msg = 'SQL function ' . $tokens[$stackPtr]['content'] . '() detected with dynamic parameter '; if ($utils::is_token_user_input($tokens[$s])) { - $phpcsFile->addError($msg . ' directly from user input', $stackPtr, 'ErrFilesystem'); + $phpcsFile->addError($msg . ' directly from user input', $stackPtr, 'ErrSQLFunction'); } else { - $phpcsFile->addWarning($msg, $stackPtr, 'WarnFilesystem'); + $phpcsFile->addWarning($msg, $stackPtr, 'WarnSQLFunction'); } } }