Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PHP validity checker

    Scheduled Pinned Locked Moved Development
    8 Posts 7 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      phil.davis
      last edited by

      Greetings,
      There seem to be a "never-ending" trickle of bugs that are found that are simply typos of function or variable names. The latest is https://github.com/pfsense/pfsense/commit/7fd38f44ba327ab1cd1cad3ac76ebb169ccb12e0
      Somehow when a module is loaded, the PHP parser does not go through the whole thing and find any function calls that are to unknown function names. So it waits until the particular code path is traversed before the error appears.
      Also there is the problem that in PHP a var does not have to be declared before being used, so a typo in a var name just results in the data being blank, and the code barrels on until something bad happens or the system does something, but not quite what was wanted.
      It would be good to find all these "dumb" errors and fix them.

      Are there some tools somewhere that can parse the whole system and report references to unknown function names, and suspect vars?

      As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
      If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

      1 Reply Last reply Reply Quote 0
      • T
        Tikimotel
        last edited by

        Some of the css files can also use some tidy-ing.
        I  put the pfsense_ng theme "all.css" and "login.css" through csstidy1.3 using a site called http://devilo.us/ and save them back in to my pfsense.
        advanced options:

        • Compression = Medium (balanced)

        • Optimise shorthand = Yes, common+fonts

        • Discard invalid properties = CSS 3 compatible

        • Preserve comments = On

        Not only are they smaller, but the browsers complain less.

        Some of the links to javascript and theme-files could use a fixed location instead of relative.
        In "system.inc" I change "./themes/" to "/themes/" for 3 instances.
        In "fbegin.inc" I change "javascript/domTT/" to "**/**javascript/domTT/" for 4 instances @ line 348.

        For the status page in unbound I change the status width to 88 from 101 to fit the pfsense_ng theme better.

        Alas I don't know of any tools to help with php development other than being carefull and maybe create a list of all the reused variable names so you use the correct naming convention.

        1 Reply Last reply Reply Quote 0
        • B
          bryan.paradis
          last edited by

          Could move to a higher error reporting level and clean it up and leave that as the norm maybe

          http://php.net/manual/en/function.error-reporting.php

          A quick look around:

          http://phpcodechecker.com/

          http://www.icosaedro.it/phplint/phplint-on-line.html

          http://www.meandeviation.com/tutorials/learnphp/php-syntax-check/v5-3/syntax-check.php

          http://www.piliapp.com/php-syntax-check/

          
          Depends on error_reporting level
          
          php -l <filename></filename>
          

          Using an IDE that is aware of what you are doing would certainly make it harder to type in something wrong.

          1 Reply Last reply Reply Quote 0
          • R
            robi
            last edited by

            @Tikimotel:

            …the browsers complain less.

            How do you mean that? I didn't see any complain so far from my Firefox, however, I'm still interested of what I don't notice…

            1 Reply Last reply Reply Quote 0
            • E
              eri--
              last edited by

              Unfortunatley, no.

              The only validator is php -l but it does not go through the code path.

              The alternative is to use unit testing but with php that is such a big mess.

              1 Reply Last reply Reply Quote 0
              • T
                Tikimotel
                last edited by

                @robi:

                @Tikimotel:

                …the browsers complain less.

                How do you mean that? I didn't see any complain so far from my Firefox, however, I'm still interested of what I don't notice…

                Chrome : Left mouse button "inspect element".
                Firefox: Left mouse button "Inspect element (Q)".

                Example of Devilo.us Parser log:

                
                99
                Removed invalid property: filter
                100
                Removed invalid property: -moz-opacity
                119
                Removed invalid property: -moz-opacity
                125
                Removed invalid property: filter
                126
                Removed invalid property: -moz-opacity
                140
                Removed invalid property: -moz-opacity
                146
                Removed invalid property: align
                459
                Removed invalid property: filter
                460
                Removed invalid property: -moz-opacity
                472
                Added semicolon to the end of declaration
                533
                Added semicolon to the end of declaration
                547
                Removed invalid property: filter
                548
                Removed invalid property: -moz-opacity
                1247
                Added semicolon to the end of declaration
                1368
                Removed invalid property: <--background-color
                1369
                Removed invalid property: thiscausinglightgrayrectanglestotherightofmanytablesingui--padding-right
                Optimised color: Changed '#990000' to '#900'
                Optimised color: Changed 'white' to '#fff'
                Optimised color: Changed '#FFD9D1' to '#ffd9d1'
                Optimised color: Changed '#000000' to '#000'
                Optimised color: Changed '#333333' to '#333'
                Optimised color: Changed '#FFFFFF' to '#fff'
                Optimised number: Removed unit 'px' from '0px'
                Optimised color: Changed '#550000' to '#500'
                Optimised color: Changed '#666666' to '#666'
                Optimised color: Changed '#eeeeee' to '#eee'
                Optimised color: Changed '#ffffff' to '#fff'
                Optimised color: Changed 'black' to '#000'
                Optimised color: Changed '#777777' to '#777'
                Optimised color: Changed '#DDDDDD' to '#ddd'
                Optimised color: Changed '#999999' to '#999'
                Optimised color: Changed '#FFFFC6' to '#ffffc6'
                Optimised color: Changed '#CC0000' to '#c00'
                Optimised color: Changed '#A0A0A0' to '#a0a0a0'
                Optimised color: Changed '#BBBBBB' to '#bbb'
                Optimised color: Changed '#D9DEE8' to '#d9dee8'
                Optimised color: Changed '#EEEEEE' to '#eee'
                Optimised color: Changed '#3366cc' to '#36c'
                Optimised color: Changed '#cccccc' to '#ccc'
                Optimised number: Removed unit 'em' from '0em'
                Optimised color: Changed '#B1B1B1' to '#b1b1b1'
                Optimised color: Changed '#CCCCCC' to '#ccc'
                Optimised number: Removed unit '%' from '0%'
                Fixed invalid color name: Changed 'LimeGreen' to '#32cd32'
                Optimised color: Changed 'LimeGreen' to '#32cd32'
                
                1 Reply Last reply Reply Quote 0
                • C
                  cmb
                  last edited by

                  I suspect if you cranked up PHP's logging you'd possibly find some such issues, but you'd have to parse through so much noise I'm not sure that would be effective.

                  One would think there are static analysis tools that would find things along those lines, and there probably are. I haven't had a chance to look for that specifically. The static analysis I do on our code base is security-focused.

                  1 Reply Last reply Reply Quote 0
                  • jimpJ
                    jimp Rebel Alliance Developer Netgate
                    last edited by

                    At one time we talked about a git hook that would reject a push if it failed a simple "php -l" validation. It's not perfect, but it would catch common mistakes/obvious typos.

                    Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.