[php] How can I perform static code analysis in PHP?

Is there a static analysis tool for PHP source files?

The binary itself can check for syntax errors, but I'm looking for something that does more, like:

  • unused variable assignments
  • arrays that are assigned into without being initialized first
  • and possibly code style warnings
  • ...

Tags: php, code-analysis, static-analysis


Online PHP lint

PHPLint

Uninitialized variables check. Link 1 and 2 already seem to do this just fine, though.

I can't say I have used any of these intensively, though :)


There is RIPS - A static source code analyser for vulnerabilities in PHP scripts. The source code of RIPS is available at SourceForge.

From the RIPS site:

RIPS is a tool written in PHP to find vulnerabilities in PHP applications using static code analysis. By tokenizing and parsing all source code files, RIPS is able to transform PHP source code into a program model and to detect sensitive sinks (potentially vulnerable functions) that can be tainted by user input (influenced by a malicious user) during the program flow. Besides the structured output of found vulnerabilities, RIPS also offers an integrated code audit framework for further manual analysis.


I have tried using php -l and a couple of other tools.

However, the best one in my experience (your mileage may vary, of course) is scheck of pfff toolset. I heard about pfff on Quora (Is there a good PHP lint / static analysis tool?).

You can compile and install it. There are no nice packages (on my Linux Mint Debian system, I had to install the libpcre3-dev, ocaml, libcairo-dev, libgtk-3-dev and libgimp2.0-dev dependencies first) but it should be worth an install.

The results are reported like

$ ~/sw/pfff/scheck ~/code/github/sc/
login-now.php:7:4: CHECK: Unused Local variable $title
go-automatic.php:14:77: CHECK: Use of undeclared variable $goUrl.
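The checks asked for in the question (unused assignments, arrays assigned into before being initialised, undeclared variables) and the source-to-sink tainting that the RIPS description above talks about can all be sketched on top of PHP's built-in tokenizer. The script below is an added example written for this page; it is not code from scheck, pfff or RIPS. It assumes PHP 7.4 or later, and its lists of taint sources, sinks and sanitisers are its own assumptions rather than any tool's rule set. Findings are reported in the same `file:line: CHECK: message` form as the scheck output above.

```php
<?php
// Toy checker in the spirit of scheck and RIPS on top of PHP's own tokenizer (needs PHP 7.4+).
// Scopes are the main script and each function body. The source/sink/sanitiser lists below are
// this example's own assumption, not any real tool's rule set, and the analysis is deliberately shallow.
const TAINT_SOURCES = ['$_GET', '$_POST', '$_REQUEST', '$_COOKIE'];
const SINK_FUNCTIONS = ['system', 'exec', 'shell_exec', 'passthru'];
const SANITISERS = ['htmlspecialchars', 'intval', 'escapeshellarg'];
// Does the expression from tokens[$from] up to the next ';' carry user input? Crude on purpose:
// a sanitiser call anywhere in the span is taken to clean the whole expression.
function spanTainted(array $tokens, int $from, array $tainted): bool
{
    $hit = false;
    for ($k = $from; $k < count($tokens) && $tokens[$k] !== ';'; $k++) {
        $t = $tokens[$k];
        if (!is_array($t)) continue;
        if ($t[0] === T_STRING && in_array(strtolower($t[1]), SANITISERS, true)) return false;
        if ($t[0] === T_VARIABLE && (in_array($t[1], TAINT_SOURCES, true) || isset($tainted[$t[1]]))) $hit = true;
    }
    return $hit;
}
function analyze(string $code, string $file = 'input.php'): array
{
    // Drop whitespace and comments so that "the next token" is always $i + 1.
    $tokens = array_values(array_filter(token_get_all($code),
        fn($t) => !is_array($t) || !in_array($t[0], [T_WHITESPACE, T_COMMENT, T_DOC_COMMENT], true)));
    $n = count($tokens);
    $findings = []; $depth = 0; $pending = null; // $pending: [name, params, line] of a function header awaiting its '{'
    $scopes = [['name' => '<main>', 'depth' => 0, 'declared' => [], 'used' => [], 'tainted' => []]];
    $declare = function (string $name, int $line, bool $used = false) use (&$scopes): void {
        $s = count($scopes) - 1;
        $scopes[$s]['declared'][$name] = $scopes[$s]['declared'][$name] ?? $line;
        if ($used) $scopes[$s]['used'][$name] = true;
    };
    $close = function () use (&$scopes, &$findings, $file): void { // report variables never read in the scope
        $scope = array_pop($scopes);
        foreach ($scope['declared'] as $name => $line) if (!isset($scope['used'][$name])) $findings[] = "$file:$line: CHECK: unused local variable $name in {$scope['name']}";
    };

    for ($i = 0; $i < $n; $i++) {
        $tok = $tokens[$i]; $next = $tokens[$i + 1] ?? ';'; $s = count($scopes) - 1;
        if ($tok === '{' || (is_array($tok) && in_array($tok[0], [T_CURLY_OPEN, T_DOLLAR_OPEN_CURLY_BRACES], true))) {
            $depth++;
            if ($pending !== null) { // a function body opens a new scope; its parameters count as used
                $scopes[] = ['name' => $pending[0], 'depth' => $depth, 'declared' => [], 'used' => [], 'tainted' => []];
                foreach ($pending[1] as $p) $declare($p, $pending[2], true);
                $pending = null;
            }
        } elseif ($tok === '}' && $scopes[$s]['depth'] === $depth--) $close(); // depth drops on every '}', a scope closes only at its own depth
        if (!is_array($tok)) continue;
        [$type, $text, $line] = $tok;
        if ($type === T_FUNCTION) { // collect parameter (and closure `use`) variables up to the body
            $name = (is_array($next) && $next[0] === T_STRING) ? $next[1] . '()' : '{closure}';
            for ($params = [], $k = $i + 1; $k < $n && $tokens[$k] !== '{' && $tokens[$k] !== ';'; $k++) {
                if (is_array($tokens[$k]) && $tokens[$k][0] === T_VARIABLE) $params[] = $tokens[$k][1];
            }
            if ($k < $n && $tokens[$k] === '{') $pending = [$name, $params, $line];
            $i = $k - 1;
        } elseif ($type === T_VARIABLE && $text !== '$this' && !in_array($text, TAINT_SOURCES, true)) {
            $j = $i + 1; $subscript = $next === '[';
            if ($subscript) { // step over the [...] subscript to see what follows the variable
                for ($nest = 0; $j < $n; $j++) { if ($tokens[$j] === '[') $nest++; elseif ($tokens[$j] === ']' && --$nest === 0) break; }
                $j++;
            }
            $after = $tokens[$j] ?? ';';
            $declared = isset($scopes[$s]['declared'][$text]);
            if ($after === '=' || (is_array($after) && $after[0] === T_CONCAT_EQUAL)) {
                if ($subscript && !$declared) $findings[] = "$file:$line: CHECK: $text is assigned into as an array without being initialised first";
                $declare($text, $line);
                if (spanTainted($tokens, $j + 1, $scopes[$s]['tainted'])) $scopes[$s]['tainted'][$text] = true;
                elseif (!$subscript) unset($scopes[$s]['tainted'][$text]); // a plain overwrite clears taint
            } elseif ($declared) {
                $scopes[$s]['used'][$text] = true;
            } else {
                $findings[] = "$file:$line: CHECK: use of undeclared variable $text";
                $declare($text, $line, true); // report once per scope
            }
        } elseif (in_array($type, [T_EVAL, T_ECHO, T_PRINT], true) || ($type === T_STRING && $next === '(' && in_array(strtolower($text), SINK_FUNCTIONS, true))) {
            if (spanTainted($tokens, $i + 1, $scopes[$s]['tainted'])) $findings[] = "$file:$line: CHECK: user input reaches sensitive sink $text";
        }
    }
    while ($scopes) $close();
    usort($findings, fn($a, $b) => (int) explode(':', $a)[1] <=> (int) explode(':', $b)[1]);
    return $findings;
}

// Constructed sample input, not code from any real project.
$sample = <<<'PHP'
<?php
function render() {
    $title = "unused";
    $id = $_GET['id'];
    $items[] = $id;
    system("ls " . $id);
    echo htmlspecialchars($name);
    return count($items);
}
PHP;
echo implode(PHP_EOL, analyze($sample, 'sample.php')), PHP_EOL;
```

Save it as a file and run it with the PHP CLI; on the constructed sample it flags the never-read `$title`, the append to `$items` before any initialisation, the undeclared `$name`, and the `$_GET` value that flows through `$id` into `system()`, while the `htmlspecialchars()` call keeps the `echo` quiet. It deliberately does not build the "program model" RIPS describes: `foreach`, `global` and `catch` do not declare variables here, taint does not travel through function calls or return values, and a sanitiser anywhere in an expression suppresses the finding, which is exactly the class of gaps that real tools close and that makes a single-pass token scan a starting point rather than a substitute for them.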

There is a new tool called nWire for PHP. It is a code exploration plugin for Eclipse PDT and Zend Studio 7.x. It enables real-time code analysis for PHP and provides the following tools:

  • Code visualization - interactive graphical representation of components and associations.
  • Code navigation - unique navigation view shows all the associations and works with you while you write or read code.
  • Quick search - search as you type for methods, fields, files, etc.

PHP Mess Detector is awesome and fast.


The NetBeans IDE checks for syntax errors, unused variables and such. It's not automated, but works fine for small or medium projects.


PHP PMD (Programming Mistake Detector) and PHP CPD (Copy/Paste Detector), formerly part of PHPUnit.


For completeness -- also check phpCallGraph.


See Semantic Designs' CloneDR, a "clone detection" tool that finds copy/paste/edited code.

It will find exact and near miss code fragments, in spite of white space, comments and even variable renamings. A sample detection report for PHP can be found at the website. (I'm the author.)


There is a tool for static code analysis called PHP Analyzer. PHP Analyzer is now a deprecated project, but you can still access it on the legacy branch.

Among many types of static analysis it also provides basic auto-fixing functionality, see the documentation.


You may want to try compiling with Facebook's HipHop.

It does a static analysis on the entire project and may be what you're looking for.

GitHub page

