PHP

Made by DeepSource
Audit required: Insecure use of logger PHP-A1011
Security
Major

Logging user-provided values directly can expose the application to multiple attack vectors. Superglobal variables contain values specified by the user, which are considered tainted and untrusted. Therefore, passing these variables directly to the logger is discouraged.

Unused variable in the closure use PHP-W1039
Anti-pattern
Major

One or more variables mentioned in the closure's use clause are unused. It is recommended to remove them from the use clause.

Missing class doc comment PHP-D1001
Documentation
Minor

Documentation comments are helpful in understanding what that part of the code is responsible for. It is always a good idea to add documentation to your code to improve the code readability and maintainability. In addition to that, it becomes helpful when you revisit the code after a long time. Here, the class is missing the doc comment and it is recommended to add it for the reasons discussed above.

Missing function/class method doc comment PHP-D1002
Documentation
Minor

Documentation comments are helpful in understanding what that part of the code is responsible for. It is always a good idea to add documentation to your code to improve the code readability and maintainability. In addition to that, it becomes helpful when you revisit the code after a long time. Here, the function/class method is missing the doc comment and it is recommended to add it for the reasons discussed above.

Invalid class instantiation PHP-W1012
Bug risk
Critical

The class has been incorrectly instantiated, which would cause a runtime error.

Use of FIXME/XXX/TODO encountered PHP-W1073
Documentation
Minor

You have marked this block as FIXME/TODO/XXX. Please make sure this is addressed, or remove this comment as this could be misleading.

Audit required: Use of insecure eval() function found PHP-A1000
Security
Critical

The eval() function allows execution of arbitrary PHP code. Executing code dynamically is security-sensitive and should be avoided.

Invalid assignment PHP-W1032
Bug risk
Critical

The assignment is not valid and would raise an error at runtime.

Syntax error PHP-E1111
Bug risk
Critical

Syntax error found in this file. Please refer to the error message for more information.

Invalid use of implements keyword PHP-W1008
Bug risk
Critical

A class can only implement an interface using the implements keyword. Trying to use the implements keyword to reference anything other than an interface can result in a fatal error.

Class constants don't comply with PSR standards PHP-C1000
Style
Major

As per PSR-1, class constants must be declared in all upper case with underscore separators only.

It is recommended to follow PSR standards while developing PHP applications so the code is consistent and can be easily maintained.

Invalid use of increment/decrement operators PHP-E1006
Bug risk
Major

This issue is raised when increment/decrement operators are used on a variable of any type other than number or string.

throw expression used in PHP < 8.0 PHP-W1017
Bug risk
Critical

throw expression is allowed only in PHP >= 8.0. Trying to use it in earlier PHP versions will give you an error.

Call with inconsistent number of parameters PHP-W1025
Bug risk
Critical

This issue is raised when the number of parameters passed to sprintf / sscanf / fscanf doesn't match the number of placeholders. It is recommended to make sure the number of placeholders and parameters are the same.

Unused constructor parameter PHP-W1037
Anti-pattern
Major

The constructor signature contains one or more unused parameters. Since these are not used anywhere in the class, they can be safely removed.

Bad argument passed to isset PHP-W1040
Anti-pattern
Major

isset is either used with an undefined variable or a variable that is known to be defined and non-null.

Undefined function call detected PHP-E1000
Bug risk
Critical

A function has been called, but not defined. This will result in a run time fatal error.

Exception being raised is not from a valid exception class PHP-E1001
Bug risk
Critical

The Exception class you are trying to use seems to be invalid. This will result in a run time fatal error.

Method is called but not defined PHP-E1002
Bug risk
Critical

The method you are trying to call is not defined, which can result in a fatal error.

Invalid static method call detected PHP-E1003
Bug risk
Critical

Invalid call to a static method. This would lead to a run time error.