rspec/rules/S5527/php/rule.adoc

include::../description.adoc[]

== Noncompliant Code Example

----
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, FALSE); // Noncompliant
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);  // Noncompliant
----

== Compliant Solution

----
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2); // Compliant; default value is 2 to "check the existence of a common name and also verify that it matches the hostname provided" according to PHP's documentation
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, TRUE); // Compliant: From 7.66.0: treats 1 and 2 the same (https://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYHOST.html)
----

include::../see.adoc[]
Add missing rules because of approximative section names 2020-06-30 14:41:58 +02:00			`include::../description.adoc[]`

			`== Noncompliant Code Example`

			`----`
			`curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, FALSE); // Noncompliant`
			`curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); // Noncompliant`
			`----`

			`== Compliant Solution`

			`----`
			`curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 2); // Compliant; default value is 2 to "check the existence of a common name and also verify that it matches the hostname provided" according to PHP's documentation`
			`curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, TRUE); // Compliant: From 7.66.0: treats 1 and 2 the same (https://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYHOST.html)`
			`----`

			`include::../see.adoc[]`