rspec/rules/S1613/php/rule.adoc

Included variables may have been set by user input could contain unexpected, and potentially dangerous values. 


== Noncompliant Code Example

----
include $foo;
require $foo;
include $foo . '/config.php';
require $foo . '/config.php';
include "$foo/config.php";
require "$foo/config.php";
include($foo);
require($foo);
include($foo . '/config.php');
require($foo . '/config.php');
include("$foo/config.php");
require("$foo/config.php");

include "./$page.php";
----


== Compliant Solution

----
include "./$page.php";
----
RULEAPI-617: Add Jira closed RSPECs in Github repository 2021-06-08 14:23:48 +02:00			`Included variables may have been set by user input could contain unexpected, and potentially dangerous values.`


			`== Noncompliant Code Example`

			`----`
			`include $foo;`
			`require $foo;`
			`include $foo . '/config.php';`
			`require $foo . '/config.php';`
			`include "$foo/config.php";`
			`require "$foo/config.php";`
			`include($foo);`
			`require($foo);`
			`include($foo . '/config.php');`
			`require($foo . '/config.php');`
			`include("$foo/config.php");`
			`require("$foo/config.php");`

			`include "./$page.php";`
			`----`


			`== Compliant Solution`

			`----`
			`include "./$page.php";`
			`----`