| Total checks | Checks enabled by default | Disabled checks by default | Autofixable checks |
|---|---|---|---|
| 103 | 85 | 18 | 13 |
- Enabled by default
accessLevelcheckeralwaysNullcheckerargCountcheckerargsOrdercheckerarraySyntaxchecker (autofixable)assignOpchecker (autofixable)badTraitUsecheckerbareTrycheckerbitwiseOpschecker (autofixable)callSimplifychecker (autofixable)callStaticcheckercaseBreakcheckercaseContinuecheckercatchOrdercheckerconcatenationPrecedencecheckerconstCasechecker (autofixable)countUsechecker (autofixable)deadCodecheckerdeprecatedcheckerdiscardExprcheckerdiscardVarcheckerdupArrayKeyscheckerdupBranchBodycheckerdupCatchcheckerdupCondcheckerdupGlobalcheckerdupSubExprcheckeremptyStmtcheckeremptyStringCheckcheckerforLoopcheckerimplicitModifierscheckerindexingSyntaxchecker (autofixable)intNeedlecheckerintOverflowcheckerinvalidDocblockcheckerinvalidDocblockRefcheckerinvalidDocblockTypecheckerinvalidExtendClasscheckerinvalidNewcheckerkeywordCasecheckerlinterErrorcheckermagicMethodDeclcheckermaybeUndefinedcheckermethodSignatureMismatchcheckermisspellCommentcheckermisspellNamecheckermixedArrayKeyscheckernameMismatchcheckernestedTernarycheckernewAbstractcheckernonPublicInterfaceMembercheckeroffBy1checker (autofixable)oldStyleConstructorcheckerparamClobbercheckerparentConstructorcheckerprecedencecheckerprintfcheckerredundantGlobalcheckerregexpSimplifycheckerregexpSyntaxcheckerregexpVetcheckerreverseAssigncheckerselfAssigncheckerstdInterfacecheckerstrangeCastcheckerstrictCmpcheckerstripTagscheckerswitchEmptycheckerswitchSimplifycheckersyntaxcheckerternarySimplifychecker (autofixable)unaryRepeatchecker (autofixable)undefinedClasscheckerundefinedConstantcheckerundefinedFunctioncheckerundefinedMethodcheckerundefinedPropertycheckerundefinedTraitcheckerundefinedVariablecheckerunimplementedcheckerunusedcheckeruseEvalcheckeruseExitOrDiecheckeruseSleepcheckervarShadowchecker
- Disabled by default
argsReversecheckerarrayAccesscheckerclassMembersOrdercheckercomplexitycheckerdeprecatedUntaggedcheckererrorSilencecheckergetTypeMisUsechecker (autofixable)langDeprecatedcheckermissingPhpdoccheckerpackagingcheckerparentNotFoundcheckerpropNullDefaultchecker (autofixable)redundantCastcheckerreturnAssigncheckerswitchDefaultcheckertrailingCommachecker (autofixable)typeHintcheckervoidResultUsedchecker
Report erroneous member access.
$x->privateMethod(); // privateMethod is private and can't be accessed.$x->publicMethod();Report when use to always null object.
if ($obj == null && $obj->method()) { ... }if ($obj != null && $obj->method()) { ... }Report mismatching args count inside call expressions.
array_combine($keys) // The function takes at least two arguments.array_combine($keys, $values)Report suspicious arguments order.
// It is possible that the arguments are in the wrong order, since
// searching for a substring in a character does not make sense.
strpos('/', $s);strpos($s, '/');Auto fix available
Report usages of old array() syntax.
array(1, 2)[1, 2]Auto fix available
Report assignments that can be simplified.
$x = $x + $y;$x += $y;Report misuse of traits.
trait A {}
function f(A $a) {} // Traits cannot be used as type hints.class A {}
function f(A $a) {}Report try blocks without catch/finally.
try {
doit();
}
// Missing catch or finally blocks.try {
doit();
} catch (Exception $e) {
// Handle $e.
}Auto fix available
Report suspicious usage of bitwise operations.
if ($isURL & $verify) { ... } // Bitwise AND on two bool looks suspicious,if ($isURL && $verify) { ... }Auto fix available
Report call expressions that can be simplified.
in_array($k, array_keys($this->data))array_key_exists($k, $this->data)Report static calls of instance methods and vice versa.
$object::instance_method() // instance_method is not a static method.$object->instance_method()Report switch cases without break.
switch ($v) {
case 1:
echo "one"; // May want to insert a "break" here.
case 2:
echo "this fallthrough is intentional";
// fallthrough
case 3:
echo "two or three";
}switch ($v) {
case 1:
echo "one";
break;
case 2:
echo "this fallthrough is intentional";
// fallthrough
case 3:
echo "two or three";
}Report suspicious continue usages inside switch cases.
switch ($v) {
case STOP:
continue; // Continue inside a switch is equivalent to break.
case INC:
$x++;
break;
}switch ($v) {
case STOP:
break;
case INC:
$x++;
break;
}Report erroneous catch order in try statements.
try {
// Some code.
} catch (Exception $e) {
// This will catch both Exception and TimeoutException.
} catch (TimeoutException $e) {
// This is a dead code.
}try {
// Some code.
} catch (TimeoutException $e) {
// Ok, it can catch TimeoutException.
} catch (Exception $e) {
// Ok, it will catch everything else.
}Report when use unparenthesized expression containing both . and binary operator.
"id: " . $id - 10"id: " . ($id - 10)Auto fix available
Report built-in constants that are not in the lower case.
return TRUE;return true;Auto fix available
Report comparisons count(...) which are always false or true.
if (count($arr) >= 0) { ... }if (count($arr) != 0) { ... }Report potentially unreachable code.
thisFunctionAlwaysExits();
foo(); // Dead code.foo();
thisFunctionAlwaysExits();Report usages of deprecated symbols.
/**
* @deprecated Use g() instead
*/
function f() {}
f();/**
* @deprecated Use g() instead
*/
function f() {}
g();Report expressions that are evaluated but not used.
if ($cond) {
[$v, $err]; // Result expression is not used anywhere.
}if ($cond) {
return [$v, $err];
}Report the use of variables that were supposed to be unused, like $_.
$_ = some();
echo $_;$someVal = some();
echo $someVal;Report duplicated keys in array literals.
[A => 1, B => 2, A => 3] // Key A is duplicated.[A => 1, B => 2, C => 3]Report suspicious conditional branches that execute the same action.
// Regardless of the condition, the result will always be the same.
$pickLeft ? foo($left) : foo($left)$pickLeft ? foo($left) : foo($right)Report duplicated catch clauses.
try {
// some code
} catch (Exception1 $e) {
} catch (Exception1 $e) {} // <- Possibly the typo.try {
// some code
} catch (Exception1 $e) {
} catch (Exception2 $e) {}Report duplicated conditions in switch and if/else statements.
if ($status == OK) {
return "OK";
} elseif ($status == OK) { // Duplicated condition.
return "NOT OK";
} else {
return "UNKNOWN";
}if ($status == OK) {
return "OK";
} elseif ($status == NOT_OK) {
return "NOT OK";
} else {
return "UNKNOWN";
}Report repeated global statements over variables.
global $x, $y, $x; // $x was already mentioned in global.global $x, $y;Report suspicious duplicated operands in expressions.
return $x[$i] < $x[$i]; // The left and right expressions are the same.return $x[$i] < $x[$j];Report redundant empty statements that can be safely removed.
echo $foo;; // Second semicolon is unnecessary here.echo $foo;Report string emptyness checking using strlen(...).
if (strlen($string)) { ... }if ($string !== "") { ... }Report potentially erroneous for loops.
for ($i = 0; $i < 100; $i--) { ... }for ($i = 0; $i < 100; $i++) { ... }Report implicit modifiers.
class Foo {
function f() {} // The access modifier is implicit.
}class Foo {
public function f() {}
}Auto fix available
Report the use of curly braces for indexing.
$x{0}$x[0]Report using an integer for $needle argument of str* functions.
strpos("hello", 10)strpos("hello", chr(10))Report potential integer overflows that may result in unexpected behavior.
// Better to use a constant to avoid accidental overflow and float conversion.
return -9223372036854775808;return PHP_INT_MIN;Report malformed PHPDoc comments.
@property $foo // Property type is missing.@property Foo $fooReport invalid symbol references inside PHPDoc.
@see MyClass@see \Foo\MyClassReport potential issues in PHPDoc types.
@var []int $xs@var int[] $xsReport inheritance from the final class.
final class Foo {}
class Boo extends Foo {}class Foo {}
class Boo extends Foo {}Report trait or interface usages in new expressions.
// It is forbidden to create instances of traits or interfaces.
return new SomeTrait();return new SomeClass();Report keywords that are not in the lower case.
RETURN $x;return $x;Report internal linter error.
Report issues in magic method declarations.
class Foo {
private function __call($method, $args) {} // The magic method __call() must have public visibility.
public static function __set($name, $value) {} // The magic method __set() cannot be static.
}class Foo {
public function __call($method, $args) {}
public function __set($name, $value) {}
}Report usages of potentially undefined symbols.
if ($cond) {
$v = 10;
}
return $v; // $v may be undefined.$v = 0; // Default value.
if ($cond) {
$v = 10;
}
return $v;Report a method signature mismatch in inheritance.
class Foo {
final public function f() {}
}
class Boo extends Foo {
public function f() {} // Foo::f is final.
}class Foo {
public function f() {}
}
class Boo extends Foo {
public function f() {}
}Report commonly misspelled words in comments.
/** This is our performace test. */
function performance_test() {}/** This is our performance test. */
function performance_test() {}Report commonly misspelled words in symbol names.
function performace_test() ...function performance_test() ...Report array literals that have both implicit and explicit keys.
['a', 5 => 'b'] // Both explicit and implicit keys are used.[0 => 'a', 5 => 'b']Report symbol case mismatches.
class Foo {}
// The spelling is in lower case, although the class definition begins with an uppercase letter.
$foo = new foo();class Foo {}
$foo = new Foo();Report an unspecified order in a nested ternary operator.
$_ = 1 ? 2 : 3 ? 4 : 5; // There is no clear order of execution.$_ = (1 ? 2 : 3) ? 4 : 5;
// or
$_ = 1 ? 2 : (3 ? 4 : 5);Report abstract classes usages in new expressions.
// It is forbidden to create instances of abstract classes.
return new AbstractFactory();return new NonAbstractFactory();Report illegal non-public access level in interfaces.
interface Iface {
function a();
public function b();
private function c(); // Methods in an interface cannot be private.
protected function d(); // Methods in an interface cannot be protected.
}interface Iface {
function a();
public function b();
public function c();
public function d();
}Auto fix available
Report potential off-by-one mistakes.
$a[count($a)]$a[count($a)-1]Report old-style (PHP4) class constructors.
class Foo {
// Constructor in the old style of PHP 4.
public function Foo($v) { $this->v = $v; }
}class Foo {
public function __construct($v) { $this->v = $v; }
}Report assignments that overwrite params prior to their usage.
function api_get_video($user_id) {
// The arguments are assigned a new value before using the value passed to the function.
$user_id = 0;
return get_video($user_id);
}function api_get_video($user_id) {
$user_id = $user_id ?: 0;
return get_video($user_id);
}Report missing parent::__construct calls in class constructors.
class Foo extends Bar {
public function __construct($x, $y) {
// Lost call to parent constructor.
$this->y = $y;
}
}class Foo extends Bar {
public function __construct($x, $y) {
parent::__construct($x);
$this->y = $y;
}
}Report potential operation precedence issues.
$x & $mask == 0; // == has higher precedence than &($x & $mask) == 0Report issues in printf-like function calls.
sprintf("id=%d") // Lost argument for '%d' specifier.sprintf("id=%d", $id)Report global statement over superglobal variables (which is redundant).
global $Foo, $_GET; // $_GET is superglobal.global $Foo;Report regular expressions that can be simplified.
preg_match('/x(?:a|b|c){0,}/', $s) // The regex can be simplified.preg_match('/x[abc]*/', $s)Report regexp syntax errors.
Report suspicious regexp patterns.
preg_match('a\d+a', $s); // 'a' is not a valid delimiter.preg_match('/\d+/', $s);Report a reverse assign with unary plus or minus.
$a =+ 100;$a += 100;Report self-assignment of variables.
$x = $x;$x = $y;Report issues related to std PHP interfaces.
Report a strange way of type cast.
$x.""(string)$xReport not-strict-enough comparisons.
in_array("what", $s)in_array("what", $s, true)Report invalid strip_tags function usage.
$s = strip_tags($s, '<br/>') // Error, self-closing tags are ignored. $s = strip_tags($s, '<br>')Report switch with empty body.
switch ($a) {}switch ($a) {
case 1:
// do something
break;
}Report possibility to rewrite switch with the if.
switch ($a) {
case 1:
echo 1;
break;
}if ($a == 1) {
echo 1;
}Report syntax errors.
foo(1]foo(1)Auto fix available
Report ternary expressions that can be simplified.
$x ? $x : $y$x ?: $yAuto fix available
Report the repetition of unary (! or ~) operators in a row.
echo !!$a;echo (bool) $a;Report usages of undefined class or interface.
$foo = new UndefinedClass;$foo = new DefinedClass;Report usages of undefined constant.
echo PI;echo M_PI;Report usages of undefined function.
undefinedFunc();definedFunc();Report usages of undefined method.
class Foo {
public function method() {};
}
(new Foo)->method2(); // method2 is undefined.class Foo {
public function method() {}
}
(new Foo)->method();Report usages of undefined property.
class Foo {
public string $prop;
}
(new Foo)->prop2; // prop2 is undefined.class Foo {
public string $prop;
}
(new Foo)->prop;Report usages of undefined trait.
class Foo {
use UndefinedTrait;
}class Foo {
use DefinedTrait;
}Report usages of undefined variable.
echo $undefinedVar;$definedVar = 100;
echo $definedVar;Report classes that don't implement their contract.
class MyObj implements Serializable {
public function serialize() { /* ... */ }
// Lost implementation of the unserialize method.
}class MyObj implements Serializable {
public function serialize() { /* ... */ }
public function unserialize(string $s) { /* ... */ }
}Report potentially unused variables.
$result = calculateResult(); // Unused $result.
return [$err];$result = calculateResult();
return [$result, $err];Report using eval function.
eval("2 + 2");// no evalReport using exit or die functions.
exit(1);// no exitReport using sleep function.
sleep(10);// no sleepReport the shadow of an existing variable.
function f(int $a) {
// The $a variable hides the $a argument.
foreach ([1, 2] as $a) {
echo $a;
}
}function f(int $a) {
foreach ([1, 2] as $b) {
echo $b;
}
}Report using variables as arguments in reverse order.
function makeHello(string $name, int $age) {
echo "Hello ${$name}-${$age}";
}
function main(): void {
$name = "John";
$age = 18;
makeHello($age, $name); // The name should come first, and then the age.
}function makeHello(string $name, int $age) {
echo "Hello ${$name}-${$age}";
}
function main(): void {
$name = "John";
$age = 18;
makeHello($name, $age);
}Report array access to non-array objects.
return $foo[0]; // $foo value may not implement ArrayAccessif ($foo instanceof ArrayAccess) {
return $foo[0];
}Report the wrong order of the class members.
class A {
// In the class, constants and properties should go first, and then methods.
public function func() {}
const B = 1;
public $c = 2;
}class A {
const B = 1;
public $c = 2;
public function func() {}
}Report funcs/methods that are too complex.
function checkRights() {
// Super big function.
}function checkRights() {
return true; // Or 42 if you need int-typed result.
}Report usages of deprecated symbols if the @deprecated tag has no description (see deprecated check).
/**
* @deprecated
*/
function f() {}
f();/**
* @deprecated
*/
function f() {}
g();Report using @.
@f();f();Auto fix available
Report call gettype function.
if (gettype($a) == "string") { ... }if (is_string($a)) { ... }Report the use of deprecated (per language spec) features.
$a = (real)100; // 'real' has been deprecated.
$_ = is_real($a);$a = (float)100;
$_ = is_float($a);Report missing PHPDoc on public methods.
public function process($acts, $config) {
// Does something very complicated.
}/**
* Process executes all $acts in a new context.
* Processed $acts should never be processed again.
*
* @param Act[] $acts - acts to execute
* @param array $config - options
*/
public function process($acts, $config) {
// Does something very complicated.
}Report call @internal method outside @package.
// file Boo.php
namespace BooPackage;
/**
* @package BooPackage
* @internal
*/
class Boo {
public static function b() {}
}
// file Foo.php
namespace FooPackage;
/**
* @package FooPackage
*/
class Foo {
public static function f() {}
/**
* @internal
*/
public static function fInternal() {}
}
// file Main.php
namespace Main;
use BooPackage\Boo;
use FooPackage\Foo;
class Main {
public static function main(): void {
Foo::f(); // ok, call non-internal method outside FooPackage
Boo::b(); // error, call internal method inside other package
Foo::fInternal(); // error, call internal method inside other package
}
}// file Boo.php
namespace BooPackage;
/**
* @package BooPackage
* @internal
*/
class Boo {
public static function b() {}
}
// file Foo.php
namespace BooPackage;
/**
* @package BooPackage
*/
class Foo {
public static function f() {}
/**
* @internal
*/
public static function fInternal() {}
}
// file Main.php
namespace BooPackage;
/**
* @package BooPackage
*/
class Main {
public static function main(): void {
Foo::f(); // ok, call internal method inside same package
Boo::b(); // ok, call internal method inside same package
Foo::fInternal(); // ok, call internal method inside same package
}
}Report using parent:: in a class without a parent class.
class Foo {
public function f() {
parent::b(); // Class Foo has no parent.
}
}class Foo extends Boo {
public function f() {
parent::b(); // Ok.
}
}Auto fix available
Report a null assignment for a not nullable property.
class Foo {
/**
* @var Boo $item
*/
public $item = null; // The type of the property is not nullable, but it is assigned null.
}class Foo {
/**
* @var Boo $item
*/
public $item;
}Report redundant type casts.
return (int)10; // The expression is already of type int.return 10;Report the use of assignment in the return statement.
return $a = 100;return $a;Report the lack or wrong position of default.
switch ($a) {
case 1:
echo 1;
break;
}switch ($a) {
case 1:
echo 1;
break;
default:
echo 2;
break;
}Auto fix available
Report the absence of a comma for the last element in a multi-line array.
$_ = [
10,
20 // Lost comma at the end for a multi-line array.
]$_ = [
10,
20,
]Report misuse of type hints.
// The array typehint is too generic, you need to specify a specialization or mixed[] in PHPDoc.
function f(array $a) {}/**
* @param mixed[] $a
*/
function f(array $a) {}Report usages of the void-type expressions
$x = var_dump($v); // var_dump returns void.$x = print_r($v, true);