mirror of https://github.com/joomla-extensions/jedchecker.git synced 2024-06-13 18:32:20 +00:00

clean PHP code (by removing comments only) in the jamss rules to avoid false-positives

Denis Ryabov 2021-02-23 23:25:41 +03:00
parent 7b8532f372
commit 071d50ce65


@ -306,6 +306,8 @@ class JedcheckerRulesJamss extends JEDcheckerRule
}
else
{
$content = $this->cleanComments($content);
// Do a search for fingerprints
foreach ($patterns As $pattern)
{
@ -431,4 +433,82 @@ class JedcheckerRulesJamss extends JEDcheckerRule
$info = !empty($info)?sprintf($this->params->get('info'), htmlentities($info, ENT_QUOTES)):"";
$this->report->addWarning($path, $info . $title, $line, $code);
}
/**
* @param string $content
*
* @return string
*/
private function cleanComments($content)
{
if (!preg_match('/<\?php\s/i', $content, $match, PREG_OFFSET_CAPTURE))
{
// No PHP code found
return $content;
}
$pos = $match[0][1];
$cleanContent = substr($content, 0, $pos);
while (preg_match('/(?:[\'"]|\/\*|\/\/|\?>)/', $content, $match, PREG_OFFSET_CAPTURE, $pos))
{
$foundPos = $match[0][1];
$cleanContent .= substr($content, $pos, $foundPos - $pos);
$pos = $foundPos;
switch ($match[0][0])
{
case '"':
case "'":
$q = $match[0][0];
if (!preg_match("/$q(?>[^$q\\\\]+|\\\\.)*$q/As", $content, $match, 0, $pos))
{
return $cleanContent . substr($content, $pos);
}
$cleanContent .= $match[0];
$pos += strlen($match[0]);
break;
case '/*':
$cleanContent .= '/*';
$pos += 2;
$endPos = strpos($content, '*/', $pos);
if ($endPos === false)
{
return $cleanContent;
}
$cleanContent .= str_repeat("\n", substr_count(substr($content, $pos, $endPos - $pos), "\n")) . '*/';
$pos = $endPos + 2;
break;
case '//':
$pos += strcspn($content, "\r\n", $pos);
break;
case '?>':
$cleanContent .= '?>';
$pos += 2;
if (!preg_match('/<\?php\s/i', $content, $match, PREG_OFFSET_CAPTURE, $pos))
{
// No PHP code found (up to the end of the file)
return $cleanContent . substr($content, $pos);
}
$foundPos = $match[0][1];
$cleanContent .= substr($content, $pos, $foundPos - $pos) . $match[0][0];
$pos = $foundPos + strlen($match[0][0]);
break;
}
}
return $cleanContent;
}
}
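Review bot: In the `case '//':` branch of cleanComments(), the skip runs to the end of the line, but PHP also ends a single-line comment at a closing `?>`. Anything after `?>` on that line, including a reopened `<?php` block, is therefore still executed by PHP yet removed from the text the fingerprint patterns scan, which is a false negative for a malware check. Stop the skip at `?>` so the existing `case '?>':` branch takes over: `$len = strcspn($content, "\r\n", $pos); $close = strpos(substr($content, $pos, $len), '?>'); $pos += ($close === false) ? $len : $close;`. The tokenizer also does not recognise `#` comments, heredoc/nowdoc bodies or short open tags; for `#` this seems to cost only false positives, but heredoc text containing `//` or `/*` would be stripped before scanning. The docblock should state these limits, e.g. `Strips // and block comments from <?php sections only; # comments, heredocs and short tags are left unparsed.`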