我正在尝试使用诗篇来检测SQL注射。我有以下代码:

问题描述 投票:0回答:1
vendor/bin/psalm --taint-analysis ./src/index.php

但找不到错误...

I编辑了配置文件
psalm.xml

tag i添加了属性
php security pdo psalm-php
1个回答
0
投票

I启用了
    runTaintAnalysis="true"
  • 扩展(
    pdo
    

    

    <enableExtensions><extension name="pdo" /></enableExtensions>
    • 

  • 现在我像这样运行命令

    <?xml version="1.0"?>
<!-- Add runTaintAnalysis -->
<psalm
    errorLevel="1" 
    resolveFromConfigFile="true"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="https://getpsalm.org/schema/config"
    xsi:schemaLocation="https://getpsalm.org/schema/config vendor/vimeo/psalm/config.xsd"
    findUnusedBaselineEntry="true"
    findUnusedCode="true"
    runTaintAnalysis="true" 
>
    <projectFiles>
        <directory name="src" />
        <ignoreFiles>
            <directory name="vendor" />
        </ignoreFiles>
    </projectFiles>
    <!-- Important -->
    <enableExtensions>
        <extension name="pdo" />
    </enableExtensions>
</psalm>

    在配置文件参考中随机发现
    https://psalm.dev/docs/running_psalm/configuration/#enableextensions
    
    
    • 
	

    

    


  

  

    
最新问题


  





  

    © www.soinside.com 2019 - 2025. All rights reserved.