ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S1613/php/rule.adoc

34 lines
581 B
Plaintext
Raw Permalink Blame History

== Why is this an issue?
Included variables may have been set by user input could contain unexpected, and potentially dangerous values.
=== Noncompliant code example
[source,php]
----
include $foo;
require $foo;
include $foo . '/config.php';
require $foo . '/config.php';
include "$foo/config.php";
require "$foo/config.php";
include($foo);
require($foo);
include($foo . '/config.php');
require($foo . '/config.php');
include("$foo/config.php");
require("$foo/config.php");
include "./$page.php";
----
=== Compliant solution
[source,php]
----
include "./$page.php";
----
Reference in New Issue View Git Blame Copy Permalink