PHP语法检查源代码前控制 [英] PHP Syntax checking pre-source control

问题描述

请参阅是否有静态代码分析器[例如Lint]是否适用于PHP文件?-我正在研究如何在开发人员提交PHP文件之前评估PHP文件的内容.哪种合适的解决方案都是通过类似于答案的SVN挂钩触发:是否可能从PHP检查PHP文件语法?

Referring to Is there a static code analyzer [like Lint] for PHP files? -- I am looking at how to assess the content of PHP files before they are committed by developers. Whichever solution(s) are appropriate will be triggered via SVN hooks similar to the answer: Is it possible to check PHP file syntax from PHP?

我遇到了这个

I came across this Automatic Syntax checking of PHP files when checking into SVN which is the angle I'm going for, however ... php -l isn't quite sufficient.

例如，给定代码:

if ($foo == 'bar') { 
     echo $foo;
}

结果是:

2012/01/15 02:51:14 [错误] 694#0:* 164在stderr中发送的FastCGI:"PHP注意:未定义的变量:foo

2012/01/15 02:51:14 [error] 694#0: *164 FastCGI sent in stderr: "PHP Notice: Undefined variable: foo

相比:

if (isset($foo)) { echo $foo; }

其中一些归结于对编码人员进行最佳实践的教育.不幸的是，有些人没有其他人学习得那么快，确保满足编码标准的唯一方法就是减少未经测试或不符合SVN的要求.

Some of this comes down to educating coders on best practices. Unfortunately, some don't learn as quickly as others, and the only way to ensure that compliance to coding standards is met, is to reduce what is going into SVN that has been untested or isn't compliant.

在此问题的第一个链接中，我尝试过:

From the first link in this question, I have tried:

• php -l
  • 没有通知$foo
  问题
  • php -l
    • doesn't notify about the problem with $foo
    • 没有通知$foo
    问题

        if ($foo == 'bar') {
                         \_ HERE
    

    ====/mnt/hgfs/workspace/scratch-pad/phpinfo.php:44:警告:比较(未知)==(字符串):无法检查未知类型之间的比较

    ==== /mnt/hgfs/workspace/scratch-pad/phpinfo.php:44: Warning: comparing (unknown) == (string): cannot check the comparison between unknown types

    • phpcs-PHP代码嗅探器
      尽管 PHP健全性检查表明它是正确答案
      • phpcs - PHP Code Sniffer
        • doesn't notify about the problem with $foo despite PHP Sanity Check indicating it was the right answer
        • 非常好，但是要求编写不良代码的开发人员编写 good 单元测试...
        • Is very nice, but requires the developers who are writing the bad code to write good unit tests...

        所有人都以他们自己的方式很有趣，但是没有人抓住真正在运行时才发现的这些问题.

        All are interesting in their own way, but none are catching these problems that really are only being found at runtime.

        赞赏有关此主题的意见/想法.

        Appreciate input / thoughts on this topic.

        编辑

        有一位海报暗示PHPLint是正确的选择.我想，好！鉴于有一个新版本，让我们再试一次: phplint-pure-c-1.1_20120202 :

        There was one poster who suggested that PHPLint was the right way to go. I thought, OK! Let's try it again given that there is a new version: phplint-pure-c-1.1_20120202:

         <?php
         if ($foo == 'bar') {
             echo $foo;
         }
         ?>
        

        简单测试....................，有效并报告1个错误和1个警告.但是，如果在 BEFORE 前添加了以下内容，则if语句:

        Simple test .................... and, it works and reports 1 error, 1 warning. However, if the following is added BEFORE the if statement:

         <?php
         if (isset($foo) && $foo == 'bar') { echo 'man'; }
         if ($foo == 'bar') { 
             echo $foo;
         }
         ?>
        

        它不起作用，并报告0错误，2警告.

        it does not work, and reports 0 errors, 2 warnings.

        推荐答案

        我认为对于分析人员来说，发出警告可能有些困难.例如，您给可能提供的代码可与help register_globals一起使用.另外，它可能在其他包含此文件的文件中定义.出于这些原因，PHP文件应该与其他文件一起完整地进行分析，以使其真正可靠，并且还应该为分析机制提供或定义PHP/服务器配置.

        I think this might be a bit hard for an analyser to give warnings about. The code you've given might work with the help register_globals, for example. Also, it might be defined in some other file that is including this file. For those reasons, PHP files should be analyzed with full context of other files for this to be really reliable, and PHP/server configuration should also be either available or defined to the analyzing mechanism.

        也就是说，您确定phplint不会执行您想要的操作吗?

        That said, are you sure phplint doesn't do what you want to?

        有一个在线验证器，您可以用来对其进行测试.输入以下信息:

        There is an online validator that you can use to test it. Given the input:

        <?php
        
        echo $foo;
        

        结果是:

                echo $foo;
                          \_ HERE
        ==== 3: ERROR: variable `$foo' has not been assigned
        END parsing of test-qBlPWw
        ==== ?: notice: unused package `dummy.php'
        ==== ?: notice: unused module `standard'
        Overall test results: 1 errors, 0 warnings.
        

        而使用isset()则没有发现任何问题.

        whereas with isset() it didn't find any issues.

        因此对于另一个测试用例:

        so for this other test case:

        <?php
        
        if ($foo == 'bar') echo $foo;
        

        在Linux Mint 8上，响应为:

        On Linux Mint 8 the response is:

        $ src/phplint test.php 
        /home/vadmin/phplint/phplint-pure-c-1.0_20110223/test.php:3: ERROR: variable `$foo' has not been assigned
        /home/vadmin/phplint/phplint-pure-c-1.0_20110223/test.php:3: Warning: comparing (unknown) == (string): cannot check the comparison between unknown types
        Overall test results: 1 errors, 1 warnings.
        

        并与此:

        <?php
        
        $foo = '1';
        if ($foo == 1) echo $foo;
        

        是:

        $ src/phplint test.php 
        /home/vadmin/phplint/phplint-pure-c-1.0_20110223/test.php:6: ERROR: comparing (string) == (int)
        Overall test results: 1 errors, 0 warnings.
        

        那么，它不是可以正常工作并正确报告问题吗?

        so isn't it working like it should, and reporting the problem properly?

        这篇关于PHP语法检查源代码前控制的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！