ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S4433/php/rule.adoc

76 lines
1.2 KiB
Plaintext
Raw Normal View History

[APPSEC-801] Migrate S4433 to LaYC format. (#2307)
2023-06-29 16:45:36 +02:00
include::../common/rationale.adoc[]
migrate rule descriptions to new education format
2023-05-03 11:06:20 +02:00
== Why is this an issue?
[APPSEC-801] Migrate S4433 to LaYC format. (#2307)
2023-06-29 16:45:36 +02:00
include::../common/description.adoc[]
=== What is the potential impact?
include::../common/impact.adoc[]
== How to fix it
=== Code examples
Add rules 4000-4999
2020-06-30 12:49:37 +02:00
[APPSEC-801] Migrate S4433 to LaYC format. (#2307)
2023-06-29 16:45:36 +02:00
include::../common/fix/code-rationale.adoc[]
Add rules 4000-4999
2020-06-30 12:49:37 +02:00
[APPSEC-801] Migrate S4433 to LaYC format. (#2307)
2023-06-29 16:45:36 +02:00
==== Noncompliant code example
[source,php,diff-id=1,diff-type=noncompliant]
Add rules 4000-4999
2020-06-30 12:49:37 +02:00
----
$ldapconn = ldap_connect("ldap.example.com");
if ($ldapconn) {
[APPSEC-801] Migrate S4433 to LaYC format. (#2307)
2023-06-29 16:45:36 +02:00
$ldapbind = ldap_bind($ldapconn); // Noncompliant
Add rules 4000-4999
2020-06-30 12:49:37 +02:00
}
----
[APPSEC-801] Migrate S4433 to LaYC format. (#2307)
2023-06-29 16:45:36 +02:00
==== Compliant solution
[source,php,diff-id=1,diff-type=compliant]
Add rules 4000-4999
2020-06-30 12:49:37 +02:00
----
$ldaprdn = 'uname';
$ldappass = 'password';
$ldapconn = ldap_connect("ldap.example.com");
if ($ldapconn) {
$ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass); // Compliant
}
----
[APPSEC-801] Migrate S4433 to LaYC format. (#2307)
2023-06-29 16:45:36 +02:00
//=== How does this work?
//=== Pitfalls
//=== Going the extra mile
== Resources
//=== Documentation
include::../common/resources/documentation.adoc[]
//=== Articles & blog posts
//=== Conference presentations
//=== Standards
include::../common/resources/standards.adoc[]
//=== Benchmarks
Make sure that includes are always surrounded by empty lines (#2270) When an include is not surrounded by empty lines, its content is inlined on the same line as the adjacent content. That can lead to broken tags and other display issues. This PR fixes all such includes and introduces a validation step that forbids introducing the same problem again.
2023-06-22 10:38:01 +02:00
RULEAPI-666: Migrate the "List of parameters", "Highlighting" and "Message" fields from jira RSPEC (#346)
2021-09-20 15:38:42 +02:00
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
Inline adoc when include has no additional value (#1940) Inline adoc files when they are included exactly once. Also fix language tags because this inlining gives us better information on what language the code is written in.
2023-05-25 14:18:12 +02:00
=== Message
Provide username and password to authenticate the connection.
RULEAPI-666: Migrate the "List of parameters", "Highlighting" and "Message" fields from jira RSPEC (#346)
2021-09-20 15:38:42 +02:00
include::../highlighting.adoc[]
[APPSEC-801] Migrate S4433 to LaYC format. (#2307)
2023-06-29 16:45:36 +02:00
endif::env-github,rspecator-view[]
Reference in New Issue Copy Permalink