scanner/modules/scanner_variables.php

<?php
class VariableModule extends ScannerModule {
	private $assigned_variables = array();
	private $captured = array();
	
	function VariableModule() {
		$this->ScannerModule();
	}
	function parserCallback( $object ) {
		$pattern = '/\$[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*/';
		$matches = array();
		$scope = "{$object['in_class']}::{$object['in_function']}";
		if (!isset($this->assigned_variables[$scope] ) )
			$this->assigned_variables[$scope] = array();
		if ($object['type'] == PHPPARSER_ASSIGNMENT) {
			//$this->fault($object, 0, "Assignment: {$object['name']}");
			list($variable, $value) = explode('=', $object['name']);
			$this->assigned_variables[$scope][] = $variable;
		}
		if (
			$object['type'] == PHPPARSER_VARIABLE
			// Cannot yet accurately scan the global scope, so functions only
			&& !empty($object['in_function'])
			&& !in_array($object['name'], $this->assigned_variables[$scope])
			&& !in_array($object['name'], array(
				// Superglobals are exempt, obviously
				'$GLOBALS', '$_SERVER', '$_GET', '$_POST', '$_FILES', '$_COOKIE', '$_SESSION', '$_REQUEST', '$_ENV'
			))
		) {
			$this->fault($object, FAULT_MEDIUM, "Undefined Variable: {$object['name']}");
		}
	}
}

addModule( new VariableModule() );
?>
Parser modified to return inline html, variables and variable assignment. Included some phpunit tests. Assignment fetching is good, but not perfect (doesn't handle array index assignment or nested expressions yet, see tests for more information). Therefore, the variable scan is not enabled by default yet. Mantis: 2691 git-svn-id: file:///srv/svn/scanner/trunk@19 a0501263-5b7a-4423-a8ba-1edf086583e7 2008-05-22 20:05:53 +00:00			`<?php`
			`class VariableModule extends ScannerModule {`
			`private $assigned_variables = array();`
			`private $captured = array();`

			`function VariableModule() {`
			`$this->ScannerModule();`
			`}`
			`function parserCallback( $object ) {`
			`$pattern = '/\$[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*/';`
			`$matches = array();`
			`$scope = "{$object['in_class']}::{$object['in_function']}";`
			`if (!isset($this->assigned_variables[$scope] ) )`
			`$this->assigned_variables[$scope] = array();`
			`if ($object['type'] == PHPPARSER_ASSIGNMENT) {`
			`//$this->fault($object, 0, "Assignment: {$object['name']}");`
			`list($variable, $value) = explode('=', $object['name']);`
			`$this->assigned_variables[$scope][] = $variable;`
			`}`
			`if (`
			`$object['type'] == PHPPARSER_VARIABLE`
			`// Cannot yet accurately scan the global scope, so functions only`
			`&& !empty($object['in_function'])`
			`&& !in_array($object['name'], $this->assigned_variables[$scope])`
			`&& !in_array($object['name'], array(`
			`// Superglobals are exempt, obviously`
			`'$GLOBALS', '$_SERVER', '$_GET', '$_POST', '$_FILES', '$_COOKIE', '$_SESSION', '$_REQUEST', '$_ENV'`
			`))`
			`) {`
			`$this->fault($object, FAULT_MEDIUM, "Undefined Variable: {$object['name']}");`
			`}`
			`}`
			`}`

			`addModule( new VariableModule() );`
			`?>`