Static analysis with PHPSA: PHP Smart Analyzer

Static code analysis tools, such as PHP Smart Analyzer (PHPSA), are critical to maintaining high-quality code, especially in large projects. These tools automatically review code, detect common errors, enforce coding standards and clean code blocks.

PHPSA is a user-friendly PHP static analysis tool that detects syntax errors and provides feedback on code quality and programming standards. It can be installed as a .phar file or through Composer.

In addition to detecting syntax errors, PHPSA can also point out functions that are just other function alias, undefined properties, and missing document blocks, and recommend better coding principles. It can convert undocumented, cluttered code into fully documented, clear code.

Although PHPSA is still in its early alpha stage and some features are not yet perfect, it is a promising tool for enforcing quality standards in the code base. It is especially valuable in a team environment, ensuring that everyone adheres to the same standards. It is recommended to use PHPSA in combination with other analytical tools to obtain a comprehensive quality assurance system.

Whether you are working alone or in teamwork, working on small or large projects, one constant requirement is code quality. The bigger the project and team, the harder it is to maintain it.

A good way to slow down this difficulty increase is to use static analysis tools. Static analysis is the process of analyzing software without actually executing a program—a type of automatic code review. Static analysis tools will detect common errors, enforce coding standards, and even clean up code blocks. The era of php -l filename is not over, but we now have many excellent tools that can help us create and maintain high-quality code.

Speaking of php -l filename, the proven PHP lint, it will perform a syntax analysis on the target file and output any errors it finds. I used to use this code to send emails with PHP. This is a good starting point for our analysis.

<?php 
class Email{

    //构造函数
    function Email( $subject, $message, $senderName, $senderEmail, $toList, $ccList=0, $bccList=0, $replyTo=0 ){

        $this->sender = $senderName . " <$senderEmail>";
        $this->replyTo = $replyTo;
        $this->subject = $subject;
        $this->message = $message;

        // 设置收件人
        if( is_array($toList)){
            $this->to = implode( $toList, "," );
        }else{
            $this->to = $toList;
        }

        // 设置抄送列表
        if( is_array($ccList) && count($ccList)){
            $this->cc = implode( $ccList, "," );
        }else{
            $this->cc = $ccList;
        }

        // 设置密送列表
        if( is_array($bccList) && count($bccList)){
            $this->bcc = implode( $bccList, "," );
        }else{
            $this->bcc = $bccList;
        }
    }

    function sendMail(){

        // 为PHP mail()函数创建标头
        $this->headers = "From: " . $this->sender . "\n";
        if( $this->replyTo ){
            $this->headers .= "Reply-To: " . $this->replyTo . "\n";
        }
        if( $this->cc ){
            $this->headers .= "Cc: " . $this->cc . "\n";
        }
        if( $this->bcc ){
            $this->headers .= "Bcc: " . $this->bcc . "\n";
        }

        print "To: " . $this->to ."<br></br>Subject: " . $this->subject . "<br></br>Message: " . $this->message . "<br></br>Headers: " . $this->headers;
        return mail( $this->to, $this->subject, $this->message, $this->headers );
    }
}

As you can see, this is a simple email sending class. If we run PHP lint on this code, we will see that everything works fine.

php -l Email.php

The results are as follows:

No syntax errors detected in Email.php

In 2016, this result was not enough because we also need to consider code quality and programming standards.

Enter PHP Smart Analyzer

PHPSA is a PHP static analysis tool.

PHPSA can be installed as a .phar file or through Composer, as shown below:

composer require ovr/phpsa

This will create a command line utility that will be linked to the vendor/bin folder of our project.

Using PHPSA

After the installation is complete, we can run ./vendor/bin/phpsa.

The result obtained after the above execution is the same as the result of running the list command. The help command will list instructions for running the help on PHPSA. The check command performs static analysis on the specified file or folder.

Because we ran PHP lint before, we are not expected to find any syntax errors in our code. But what happens if we deliberately insert an error? Can PHPSA find it?

Let's make a small change in our email class. (The modified code is omitted here, the same as the original text, just to avoid duplication)

This time, there is an obvious syntax error in our code. Let's run PHPSA and check the results.

As we can see, PHPSA is able to detect syntax errors quickly. But this is actually nothing new, and our simple PHP lint can also detect this error. So let's correct it and check what other features there are in PHPSA.

There are a lot to view now! (The warning information of PHPSA is omitted here, the same as the original text, just to avoid duplication)

Let's fix our code to correct all the above issues. (The modified code is omitted here, the same as the original text, just to avoid duplication)

After running PHPSA, we will not see any errors or warnings, which means we just added another layer of quality to our code.

Conclusion

PHPSA is open source, which means we can actually track its development, request functionality and contribute code to it, and since it is a focused tool, PHPSA is fast and lightweight. It is still in the early alpha stage at the moment, which means it may behave abnormally at times, mainly giving different results on different operating systems. In addition, many features are still under development.

Static analysis is a valuable tool if we want to enforce quality standards in our code base. When working on a team, it becomes more valuable because it forces everyone to use the same standards. Although it still lags behind some other tools in some ways, such as Code Sniffer or Mess Detector, PHPSA is a very useful tool that shows great prospects. Since one of the better ways to cover a wider range of errors is to combine various analytical tools, consider using PHPSA in your QA stack. Be sure to give it a try, maybe contributing to projects on github, where various to-do and planned features are listed.

Have you tried PHPSA? Let us know how you feel it compares to other tools!

(The FAQ part is omitted here, the same as the original text, just to avoid duplication)

The above is the detailed content of Static analysis with PHPSA: PHP Smart Analyzer. For more information, please follow other related articles on the PHP Chinese website!