How to perform static code analysis in php?


Question

Is there an static analysis tool for PHP source files? The binary itself can check for syntax errors, but I'm looking for something that does more, like:

  • unused variable assignments
  • arrays that are assigned into without being initialized first
  • and possibly code style warnings
  • ...
1
456
6/24/2019 8:28:29 PM

Accepted Answer

Run php in lint-mode from the command line to validate syntax without execution:

php -l FILENAME

Higher-level static analyzers include:

Lower-level analyzers include:

Runtime analyzers, which are more useful for some things due to PHPs dynamic nature, include:

The documentation libraries phpdoc and doxygen perform a kind of code analysis. Doxygen, for example, can be configured to render nice inheritance graphs with graphviz.

Another option is xhprof, which is similar to xdebug, but lighter, making it suitable for production servers. The tool includes a PHP-based interface.

349
8/11/2018 12:22:41 AM

Online PHP lint

PHPLint

Unitialized variables check. Link 1 and 2 already seem to do this just fine, though.

I can't say I have used any of these intensively, though :)


Licensed under: CC-BY-SA with attribution
Not affiliated with: Stack Overflow
Icon