rspec/rules/S5332/php/rule.adoc

include::../description.adoc[]

include::../ask-yourself.adoc[]

include::../recommended.adoc[]

== Sensitive Code Example

----
$url = "http://example.com"; // Sensitive
$url = "ftp://anonymous@example.com"; // Sensitive
$url = "telnet://anonymous@example.com"; // Sensitive

$con = ftp_connect('example.com'); // Sensitive

$trans = (new Swift_SmtpTransport('XXX', 1234)); // Sensitive

$mailer = new PHPMailer(true); // Sensitive
----

== Compliant Solution

----
$url = "https://example.com"; // Compliant
$url = "sftp://anonymous@example.com"; // Compliant
$url = "ssh://anonymous@example.com"; // Compliant

$con = ftp_ssl_connect('example.com'); // Compliant

$trans = (new Swift_SmtpTransport('smtp.example.org', 1234))
  ->setEncryption('tls') // Compliant
;

$mailer = new PHPMailer(true);
$mailer->SMTPSecure = 'tls'; // Compliant
----

include::../exceptions.adoc[]

include::../see.adoc[]
Add all rules, update all rules fixing the inline code syntax 2020-12-21 15:38:52 +01:00			`include::../description.adoc[]`

			`include::../ask-yourself.adoc[]`

			`include::../recommended.adoc[]`

			`== Sensitive Code Example`

			`----`
			`$url = "http://example.com"; // Sensitive`
			`$url = "ftp://anonymous@example.com"; // Sensitive`
			`$url = "telnet://anonymous@example.com"; // Sensitive`

			`$con = ftp_connect('example.com'); // Sensitive`

			`$trans = (new Swift_SmtpTransport('XXX', 1234)); // Sensitive`

			`$mailer = new PHPMailer(true); // Sensitive`
			`----`

			`== Compliant Solution`

			`----`
			`$url = "https://example.com"; // Compliant`
			`$url = "sftp://anonymous@example.com"; // Compliant`
			`$url = "ssh://anonymous@example.com"; // Compliant`

			`$con = ftp_ssl_connect('example.com'); // Compliant`

			`$trans = (new Swift_SmtpTransport('smtp.example.org', 1234))`
			`->setEncryption('tls') // Compliant`
			`;`

			`$mailer = new PHPMailer(true);`
			`$mailer->SMTPSecure = 'tls'; // Compliant`
			`----`

			`include::../exceptions.adoc[]`

			`include::../see.adoc[]`