Disallow escapeshellcmd, prefer escapeshellarg

2022-02-25 18:56:15 +01:00 · 2022-02-25 18:56:15 +01:00 · 8018f7309a
commit 8018f7309a
parent 280bb553b8
2 changed files with 2 additions and 2 deletions
--- a/rules/md_phpcs_rules.xml
+++ b/rules/md_phpcs_rules.xml
@ -177,7 +177,7 @@
                <element key="sizeof" value="count"/>
            </property>
            -->
-            <property name="forbiddenFunctions" type="array" value="delete=>unset,print=>echo,create_function=>null,system=>null,sizeof=>count,mysql_query=>mysqli_query,mysqli_query=>null,mysql_num_rows=>mysqli_num_rows,mysqli_num_rows=>null,mysql_error=>mysqli_error,mysqli_stmt_init=>null,mysqli_stmt_close=>null,mysqli_real_escape_string=>null,mysqli_fetch_array=>mysqli_fetch_assoc,mysqli_fetch_assoc=>null,session_id=>null,print_r=>null,var_dump=>null" />
+            <property name="forbiddenFunctions" type="array" value="delete=>unset,print=>echo,create_function=>null,system=>null,sizeof=>count,mysql_query=>mysqli_query,mysqli_query=>null,mysql_num_rows=>mysqli_num_rows,mysqli_num_rows=>null,mysql_error=>mysqli_error,mysqli_stmt_init=>null,mysqli_stmt_close=>null,mysqli_real_escape_string=>null,mysqli_fetch_array=>mysqli_fetch_assoc,mysqli_fetch_assoc=>null,session_id=>null,print_r=>null,var_dump=>null,escapeshellcmd=>escapeshellarg" />
        </properties>
    </rule>
--- a/rules/md_phpcs_rules_basic.xml
+++ b/rules/md_phpcs_rules_basic.xml
@ -126,7 +126,7 @@
                <element key="sizeof" value="count"/>
            </property>
            -->
-            <property name="forbiddenFunctions" type="array" value="delete=>unset,print=>echo,create_function=>null,system=>null,sizeof=>count" />
+            <property name="forbiddenFunctions" type="array" value="delete=>unset,print=>echo,create_function=>null,system=>null,sizeof=>count,escapeshellcmd=>escapeshellarg" />
        </properties>
    </rule>