Magento Marketplace User Guide
Code Examples

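When the technical review is complete, any errors found during the automated scan are added as comments to the code. The examples below show sample code for each severity level, with the rule that reports each problem named in a comment next to the offending statement.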

  • Code with “Severity 10” Errors
    <?php
    // severity 10 errors
    // Sample of code the automated scan rejects: each statement is paired with
    // the sniff, named in the comment above it, that reports the statement.
    // 3 (not in this file) - Generic.PHP.CharacterBeforePHPOpeningTag.Found
    // 4 - Squiz.PHP.Eval.Discouraged
    // eval() runs its string argument as PHP code. Whenever any part of that
    // string can be influenced from outside the extension, the call becomes a
    // code-execution path, so the scan rejects eval() regardless of the argument.
    // Remediation: remove the eval() and call the intended logic directly.
    eval( '?> foo <?php' );
    // 6 - Generic.PHP.Syntax
    // 10 - Generic.Functions.CallTimePassByReference.NotAllowed
    // Passing &$row at the call site (call-time pass-by-reference) is a parse
    // error since PHP 5.4, which is presumably why the syntax rule is listed with
    // it. Declare the reference in the callee's signature instead.
    if ($database->loadObject(&$row)) {}
    // 11 - Generic.PHP.DeprecatedFunctions.Deprecated
    // The ereg family (POSIX regex) was deprecated in PHP 5.3 and removed in
    // PHP 7.0; use preg_match() with a delimited pattern.
    ereg();
    ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2})", '', '');
    // 7 - Ecg.Security.Superglobal.SuperglobalUsage
    // $_POST is read directly, so the value reaches the code without passing
    // through the framework's request object. strtolower() only changes case; it
    // is not validation. Read request data through the request object and
    // validate it against what the field is expected to contain before use.
    $data = strtolower($_POST['data']);
    // 8 - Ecg.Strings.RegEx.PossibleExecutableRegEx
    /**
     * Sample that triggers the executable-regex sniff.
     *
     * Uppercases the first letter of $word and every lowercase letter that
     * follows an underscore; the underscore itself (capture group 1) is dropped
     * because the replacement only uses group 2.
     *
     * The /e modifier makes preg_replace() evaluate the replacement string as
     * PHP code after the captured groups have been substituted into it, so text
     * taken from the subject ends up inside evaluated code. The modifier was
     * deprecated in PHP 5.5 and removed in PHP 7.0. The compliant form is
     * preg_replace_callback() with a callback that returns the uppercased
     * second capture group.
     *
     * @param string $word Presumably a snake_case identifier - confirm with callers.
     * @return string|null Result of preg_replace(); null when PCRE reports an error.
     */
    public static function camelize($word) {
    return preg_replace('/(^|_)([a-z])/e', 'strtoupper("\\2")', $word);
    }
    // 9 - Ecg.Strings.StringPosition.ImproperValueTesting
    // strpos() returns false when the needle is absent, and false == 0 is true
    // under loose comparison, so this test cannot tell "not found" from "found at
    // offset 0". Here 'world' is not in 'hello', yet the condition holds. When
    // such a test guards a prefix or allow-list check, non-matching input passes.
    // Compare with === 0 (prefix) or !== false (containment).
    if (strpos('hello', 'world') == 0) {}
    // 12 - Ecg.PHP.Goto.Found
    // goto jumps to the label below, bypassing structured control flow; the scan
    // rejects it wherever it appears.
    goto end;
    end:
    // 13-M1 - Ecg.Security.Acl.MissingAclMethod
    // Admin controller sample with no access-control check of its own.
    // NOTE(review): the sniff name points at a missing ACL method; in Magento 1
    // admin controllers that is conventionally a protected _isAllowed() override
    // that asks the admin session whether the current role may use a specific
    // ACL resource. Without an override the parent class decides, so a
    // role-restricted admin user may still reach getmappAction() - confirm the
    // parent default for the Magento version in use.
    class maks extends Mage_Adminhtml_Controller_Action
    {
    // Action method; it contains no authorisation logic of its own.
    public function getmappAction()
    {
    }
    }
    // 5 - Zend.Files.ClosingTag.NotAllowed
    ?>
  • Code with “Severity 8” Errors
    <?php
    // Sample of code the automated scan reports at severity 8: each statement is
    // paired with the sniff, named in the comment above it, that reports it.
    // 22-M1 - Ecg.Performance.CollectionCount.Found
    // count() on a collection loads every item just to count them; getSize()
    // asks the database for the count instead.
    $itemQty =  $order->getItemsCollection()->count();
    // 23-M1 - Ecg.Performance.FetchAll.Found
    // fetchAll() reads the whole result set into memory at once; on a large
    // table that can exhaust the memory limit. Iterate with fetch() instead.
    $data = $stmt->fetchAll();
    // 24-M1 - Ecg.Performance.GetFirstItem.Found
    // getFirstItem() loads the collection before returning one element; limit
    // the collection to a single row first when only one item is needed.
    $data = $collection->getFirstItem();
    // 15-M1 - Ecg.Security.LanguageConstruct.ExitUsage
    // exit() stops the request on the spot, so whatever the application would
    // normally do after the action returns does not run. Return from the action
    // or throw an exception and let the framework finish the response.
    if ($a > 100) { exit(); }
    // 28-M1 - Ecg.Security.IncludeFile.IncludeFileDetected
    // The path here is a literal, but the sniff reports every include: once a
    // path is built from request data, include becomes a file-inclusion risk.
    // Rely on the autoloader for classes and on the layout system for templates.
    include('index.php');
    // 29-M1 - Ecg.Security.LanguageConstruct.WrongBackQuotesUsage
    // Backticks are the shell-execution operator (same effect as shell_exec()),
    // not a quoting style: this line runs "hello" as a shell command and echoes
    // its output. Use single or double quotes for string literals.
    echo(`hello`);
    // 31-M1 | 14-M2 - Generic.Files.OneClassPerFile.MultipleFound
    // Two classes declared in the same file; the rule expects one class per file.
    class A {}
    class B {}
    // 32-M1 | 15-M2 - Generic.Files.OneInterfacePerFile.MultipleFound
    // Two interfaces declared in the same file; the rule expects one per file.
    interface C {}
    interface D {}
    // 34-M1 | 17-M2 - Generic.Metrics.CyclomaticComplexity.TooHigh
    /**
     * Sample that triggers the cyclomatic-complexity sniff.
     *
     * Walks the token list of $callable and increments $this->_calls once for
     * each distinct call identifier it recognises. A call is recognised as an
     * opening parenthesis directly preceded by a T_STRING or T_VARIABLE token;
     * tokens joined by "::" or "->" in front of it are folded into the
     * identifier so chained calls are counted separately from plain ones.
     * Nothing is returned; the only effect is on $this->_calls.
     *
     * The nested loops and the if / else-if chain are what push the branch
     * count over the sniff's threshold; splitting the identifier-building and
     * the bookkeeping into helpers would be the usual remediation.
     *
     * @param PHP_Depend_Code_AbstractCallable $callable Source of the tokens, read via getTokens().
     */
    private function _countCalls(PHP_Depend_Code_AbstractCallable $callable)
    {
    // Token types that may sit immediately before the "(" of a call.
    $callT  = array(
    \PDepend\Source\Tokenizer\Tokens::T_STRING,
    \PDepend\Source\Tokenizer\Tokens::T_VARIABLE
    );
    // Operators that attach a call to a class or object.
    $chainT = array(
    \PDepend\Source\Tokenizer\Tokens::T_DOUBLE_COLON,
    \PDepend\Source\Tokenizer\Tokens::T_OBJECT_OPERATOR,
    );
    // Identifiers already counted, used as a set (key => true).
    $called = array();
    $tokens = $callable->getTokens();
    $count  = count($tokens);
    // Advance $i to the first opening curly brace; $i is deliberately left in
    // place so the second loop resumes from that position.
    for ($i = 0; $i < $count; ++$i) {
    // break on function body open
    if ($tokens[$i]->type === \PDepend\Source\Tokenizer\Tokens::T_CURLY_BRACE_OPEN) {
    break;
    }
    }
    for (; $i < $count; ++$i) {
    // Skip non parenthesis tokens
    if ($tokens[$i]->type !== \PDepend\Source\Tokenizer\Tokens::T_PARENTHESIS_OPEN) {
    continue;
    }
    // Skip first token
    if (!isset($tokens[$i - 1]) || !in_array($tokens[$i - 1]->type, $callT)) {
    continue;
    }
    // Count if no other token exists
    if (!isset($tokens[$i - 2]) && !isset($called[$tokens[$i - 1]->image])) {
    $called[$tokens[$i - 1]->image] = true;
    ++$this->_calls;
    continue;
    } else if (in_array($tokens[$i - 2]->type, $chainT)) {
    // Chained call: walk backwards, prepending every name or chain operator,
    // until a token of any other type ends the chain.
    $identifier = $tokens[$i - 2]->image . $tokens[$i - 1]->image;
    for ($j = $i - 3; $j >= 0; --$j) {
    if (!in_array($tokens[$j]->type, $callT)
    && !in_array($tokens[$j]->type, $chainT)
    ) {
    break;
    }
    $identifier = $tokens[$j]->image . $identifier;
    }
    if (!isset($called[$identifier])) {
    $called[$identifier] = true;
    ++$this->_calls;
    }
    // Plain call: counted unless the preceding token is T_NEW or the name has
    // already been recorded.
    } else if ($tokens[$i - 2]->type !== \PDepend\Source\Tokenizer\Tokens::T_NEW
    && !isset($called[$tokens[$i - 1]->image])
    ) {
    $called[$tokens[$i - 1]->image] = true;
    ++$this->_calls;
    }
    }
    }
    // 37-M1 | 20-M2 - Generic.PHP.NoSilencedErrors.Discouraged
    // The @ operator discards the warning a failed include would raise. The
    // first form at least stops with die(); the second carries on as if the file
    // had loaded, so anything that file was meant to define or check is silently
    // absent and nothing is logged. Remove the @, test for the file explicitly,
    // and log or throw on failure.
    (@include("file.php"))
    OR die("Could not find file.php!");
    @include("file.php");
    // 19-M1 - Generic.Classes.DuplicateClassName.Found
    // The same class name is declared twice. PHP refuses to declare a class
    // whose name is already in use, and when the duplicates live in different
    // files, which definition is loaded depends on load order.
    class ClassOne {}
    class ClassOne {}
    // 39-M1 | 22-M2 - Squiz.PHP.DiscouragedFunctions.Discouraged
    // var_dump() writes the variable's full contents into the response; left in
    // shipped code it can expose internal state to whoever loads the page. Use
    // the application's logger for diagnostics.
    var_dump($d);
    // 20-M1 - Generic.CodeAnalysis.JumbledIncrementer.Found
    // The inner loop tests $k but increments $i, the outer loop's counter: $k
    // never changes, so the inner condition never becomes false.
    for ($i = 0; $i < 10; $i++) {
    for ($k = 0; $k < 20; $i++) {
    echo 'Hello';
    }
    }
    foreach($collection as $col) {
    // 27-M1 - Ecg.Performance.Loop.ModelLSD
    // A model load() inside the loop costs one database round trip per item;
    // select the needed attributes on the collection before iterating.
    $prod->load($col->getId());
    }
    // 21-M1 - Ecg.Classes.ObjectInstantiation.DirectInstantiation
    // "new" on a framework class is what the sniff reports. The two lines after
    // it obtain objects through Mage::getModel() and the layout's createBlock(),
    // presumably shown as the accepted alternatives - confirm against the sniff.
    $block_2 = new Mage_Core_Block_Text ();
    Mage::getModel('modulename/class');
    $block_2 = Mage::getSingleton('core/layout')->createBlock('core/text');
    // 16-M1 - Ecg.Sql.RawQuery.RawSql
    // The statement here is a literal, but hand-written SQL strings are where
    // concatenated input turns into SQL injection, so the scan reports any raw
    // query. Use the adapter's insert/select API or a resource model so values
    // are bound rather than embedded in the statement text.
    $write->query("Insert into table_name values('','','','')");
    foreach ($collection as $item) {
    // NOTE(review): going by the rule names, the two labels below look swapped
    // relative to the statements under them (count() is the array-size check,
    // getFirstItem() the data load) - confirm against the sniff definitions.
    // Both statements repeat the same work on every iteration; compute the
    // value once before the loop.
    // 25-M1 - Ecg.Performance.Loop.ArraySize
    $firstItem = $collection->getFirstItem();
    // 26-M1 - Ecg.Performance.Loop.DataLoad
    if (count($data)) {
    }
    }
    // 17-M1 - Ecg.Sql.SlowQuery.SlowRawSql
    // GROUP BY in a raw SQL string is reported as a potentially slow query.
    $sql = 'SELECT * FROM t GROUP BY customer_id';
    // 18-M1 - Ecg.Sql.SlowQuery.SlowSql
    // The same grouping expressed through the select object is reported too.
    $select->group('t.customer_id');