|Summary: This page explains how to prepare and configure the analysis of your PHP source code.|
The PHP extension requires that PHP (which includes all third-party items such as Code Sniffer) is installed on the analysis machine before an analysis is run: PHP is bundled with the PHP extension (third party PHP installations are not compatible with the PHP extension and must be removed and replaced with PHP bundled with the PHP extension).
The following steps describe how to install PHP to the analysis machine:
- Go to the "TOOLS" folder - this folder is created after unpacking the extension archive file.
Inside the "php_sniffer_install" folder, open the file "PHPINSTALL.bat" in edit mode.
- PHP must be installed to a folder name that does not contain white space therefore CAST highly recommends that you leave the settings as they are in PHPINSTALL.batwhich will install PHP to C:\php. If necessary you can change this if you require by updating the PHPINSTL_DRIVE variable:
REM ***************************************************** REM Specify the Directory where PHP would be installed ** REM Specify the directory where PHP would be installed ** REM A directory PHP would be created inside it. ** REM ***************************************************** set local_path=%0 set batch_path=%~dp0 set local_path=%local_path:PHPINSTALL.bat=% set local_path=%local_path:"=% SET PHPINSTL_DRIVE=C: SET PHPINSTL_DIR=%PHPINSTL_DRIVE%\php
Save and close the batch file "PHPINSTALL.bat"
- Run the batch file "PHPINSTALL.bat" - this will start the installation process. Please follow below the installation process steps:
When prompted: "Are your installations a system wide PEAR or a local copy ?", two choices are available: system or local. Both installation types are OK for the PHP extension, but CAST recommends the system wide installation.
When prompted: "Below is a suggested file layout for your new PEAR installation. To change individual locations, type the number in front of the directory. Type 'all' to change all of them or simply press Enter to accept these locations." The recommendation for this step is to type ENTER and therefore accept the default configuration.
- Go to the "C:\Windows" folder and check if the "php.ini" file exists.
If it does, add the following lines anywhere in the file:
;Increase of the memory of the Code Sniffer memory_limit = 3072M
- If the file "php.ini" does not exist, create it and add the following lines:
;Increase of the memory of the Code Sniffer memory_limit = 3072M
- Create a System Environment Variable called"PHP_HOME" with the value of the physical folder where PHP has been installed - for example "C:\php"
The installation is now complete.
|The PHP installation needs to be completed once on each machine that will be used to analyze PHP.|
Source code requirements
- Only files with following extensions will be analyzed *.php; *.php4; *.php5; *.php6; *.inc; *.phtml
The *.yml and *.yaml extensions are also supported since PHP 1.1 for Symfony framework support
- The analysis of XML and XSL files contained in the PHP application is not supported.
Source code preprocessing
PHP source code needs to be preprocessed so that CAST can understand it and analyze it correctly. In previous releases of the PHP extension, this preprocessing was a manual action that needed to be completed before the code was analyzed. However, in this release and all future releases, the code preprocessing is actioned automatically when an analysis is launched or a snapshot is generated (the code is preprocessed before the analysis starts). In other words you only need to package, deliver and launch an analysis/generate a snapshot for the preprocessing to be completed.
|Note that the CAST Management Studio will use the LISA folder (see CAST Management Studio help for more information about this folder).|
JRE and JAVA_HOME
In certain circumstances, the PHP extension requires a JAVA_HOME system environment variable to be present on the machine pointing to an installation of Java JRE 1.7, so that the preprocessor can run. See Prerequisites for more information.
Application Source code delivery and Snapshot generation
When delivering your source code for analysis with CAST, you need to follow the same process as for technologies that are supported by CAST "out of the box". In other words:
- Registering new domains and applications in the CAST AIC Portal
Add and Deliver Application code source - when you create and configure a new package in the CAST Delivery Manager Tool, choose the option Files on your file system as the source location in the Add package wizard:
- Return to the CAST Management Studio and:
- View the results in the CAST Health Dashboard or the CAST Engineering Dashboard.
Analysis results (Symfony Framework)
For an Application that uses the Symfony Framework, New Symfony Objects and links will be created:
- PHP Symfony Controller Class
- PHP Symfony Controller
- PHP Symfony Service
- PHP Symfony Route
In CAST Enlighten, all Symfony objects will appear under their respective folders as shown below :
PHP Symfony Controller Class
- Supported scenario: If the Class name ends with Controller, we will create PHP Symfony Controller Class objects
- PHP Symfony Controller Class ----Refer Link---> PHP Class
- Limitations: Alternate syntax where you can give the class name that does not have suffix "Controller" is not supported
PHP Symfony Controller
- Supported scenario: If the method or function ends with suffix "Action", then PHP Symfony Controller Object will be created
- PHP Symfony Controller --- Refer Link ---> PHP Symfony Route
- PHP Symfony Controller --- Refer Link ---> PHP Method\Function
PHP Symfony Route
- Supported scenario:
- If a route has been declared in the yml file, a route object will be created
- If a route has been declared in PHP file an annotation route object will be created as follows:
- Default naming convention for route annotation when declared without name above class "<classname>_Class_Annotation_<number>"
- Default naming convention for route annotation when declared without name above method "<methodname>_Method_Annotation_<number>"
- PHP Symfony Route --- Call Link ---> PHP Symfony Controller
PHP Symfony Service
- Supported scenario: If a service has been declared in the yml configuration files, PHP Symfony Service Object will be created
- PHP Symfony Service --- Call Link ---> PHP Method
- PHP Symfony Service --- Call Link ---> PHP Property
- PHP Symfony Service --- Call Link ---> PHP Class constructor
- Limitation: Inheritance is not supported while determining property setter or constructor injection - they need to be defined in the same class which is being referred to in the service
Errors and Warnings
The PHP configuration included in the extension uses external plugins. During the analysis, the Universal Analyzer or the plugin can throw errors or warnings. The table below list the most significant errors/warnings and lists a suggested remediation action:
|Tool||Error or Warning||Action|
|Analyzer & Code Sniffer||UA Plugin : No property (......) found in meta model for php...||No action required. The analyzer is telling you that not all the properties are considered to be injected into the Analysis Service.|