63 lines
1.2 KiB
Plaintext
63 lines
1.2 KiB
Plaintext
== Why is this an issue?
|
|
|
|
In PHP it is not required to initialize variables before their usage. However, using uninitialized variables is considered bad practice and should be avoided because of the following reasons:
|
|
|
|
* The value and type of uninitialized variables depend on the context of their first usage. It is better to be explicit about those to avoid confusion.
|
|
* The interpreter raises a warning or a notice in many cases.
|
|
|
|
=== Noncompliant code example
|
|
|
|
[source,php]
|
|
----
|
|
<?php
|
|
|
|
function getText(array $lines): string {
|
|
foreach ($lines as $line) {
|
|
$text .= $line;
|
|
}
|
|
|
|
return $text;
|
|
}
|
|
----
|
|
|
|
=== Compliant solution
|
|
|
|
[source,php]
|
|
----
|
|
<?php
|
|
|
|
function getText(array $lines): string {
|
|
$text = "";
|
|
|
|
foreach ($lines as $line) {
|
|
$text .= $line;
|
|
}
|
|
|
|
return $text;
|
|
}
|
|
----
|
|
|
|
== Resources
|
|
|
|
* CWE - https://cwe.mitre.org/data/definitions/457[CWE-457 - Use of Uninitialized Variable]
|
|
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
=== Message
|
|
|
|
Review the data-flow - use of uninitialized value.
|
|
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
|
|
endif::env-github,rspecator-view[]
|