diff --git a/src/main/java/com/cflint/CF.java b/src/main/java/com/cflint/CF.java new file mode 100644 index 000000000..d397c9cd7 --- /dev/null +++ b/src/main/java/com/cflint/CF.java @@ -0,0 +1,409 @@ +package com.cflint; + +public class CF { + /** + * CFArgument tag. + */ + public static final String CFARGUMENT = "cfargument"; + + /** + * CFCase tag. + */ + public static final String CFCASE = "cfcase"; + + /** + * CFCatch tag. + */ + public static final String CFCATCH = "cfcatch"; + + /** + * CFCollection tag. + */ + public static final String CFCOLLECTION = "cfcollection"; + + /** + * CFComponent Tag. + */ + public static final String CFCOMPONENT = "cfcomponent"; + + /** + * CFDBInfo Tag. + */ + public static final String CFDBINFO = "cfdbinfo"; + + /** + * CFDeafulatCase Tag. + */ + public static final String CFDEFAULTCASE = "cfdefaultcase"; + + /** + * CFDirectory Tag. + */ + public static final String CFDIRECTORY = "cfdirectory"; + + /** + * CFDocument Tag. + */ + public static final String CFDOCUMENT = "cfdocument"; + + /** + * CFElse Tag. + */ + public static final String CFELSE = "cfelse"; + + /** + * CFElseIf Tag. + */ + public static final String CFELSEIF = "cfelseif"; + + /** + * CFExecute Tag. + */ + public static final String CFEXECUTE = "cfexecute"; + + /** + * CFFeed Tag. + */ + public static final String CFFEED = "cffeed"; + + /** + * CFFile Tag. + */ + public static final String CFFILE = "cffile"; + + /** + * CFForm Tag. + */ + public static final String CFFORM = "cfform"; + + /** + * CFFTP Tag. + */ + public static final String CFFTP = "cfftp"; + + /** + * CFFunction Tag. + */ + public static final String CFFUNCTION = "cffunction"; + + /** + * CFHTTP Tag. + */ + public static final String CFHTTP = "cfhttp"; + + /** + * CFIF Tag. + */ + public static final String CFIF = "cfif"; + + /** + * CFInclude Tag. + */ + public static final String CFINCLUDE = "cfinclude"; + + /** + * CFInvoke Tag. + */ + public static final String CFINVOKE = "cfinvoke"; + + /** + * CFLDAP Tag. + */ + public static final String CFLDAP = "cfldap"; + + /** + * CFLoop Tag. + */ + public static final String CFLOOP = "cfloop"; + + /** + * CFMail Tag. + */ + public static final String CFMAIL = "cfmail"; + + /** + * CFNTAuthenticate Tag. + */ + public static final String CFNTAUTHENTICATE = "cfntauthenticate"; + + /** + * CFObject Tag. + */ + public static final String CFOBJECT = "cfobject"; + + /** + * CFOutput Tag. + */ + public static final String CFOUTPUT = "cfoutput"; + + /** + * CFPDF Tag. + */ + public static final String CFPDF = "cfpdf"; + + /** + * CFPOP Tag. + */ + public static final String CFPOP = "cfpop"; + + /** + * CFProcParam Tag. + */ + public static final String CFPROCPARAM = "cfprocparam"; + + /** + * CFProcResult Tag. + */ + public static final String CFPROCRESULT = "cfprocresult"; + + /** + * CFQuery Tag. + */ + public static final String CFQUERY = "cfquery"; + + /** + * CFQueryParam Tag. + */ + public static final String CFQUERYPARAM = "cfqueryparam"; + + /** + * CFRegistory Tag. + */ + public static final String CFREGISTRY = "cfregistry"; + + /** + * CFReport Tag. + */ + public static final String CFREPORT = "cfreport"; + + /** + * CFReturn Tag. + */ + public static final String CFRETURN = "cfreturn"; + + /** + * CFSaveContent Tag. + */ + public static final String CFSAVECONTENT = "cfsavecontent"; + + /** + * CFScript Tag. + */ + public static final String CFSCRIPT = "cfscript"; + + /** + * CFSearch Tag. + */ + public static final String CFSEARCH = "cfsearch"; + + /** + * CFSet Tag. + */ + public static final String CFSET = "cfset"; + + /** + * CFSetting Tag. + */ + public static final String CFSETTING = "cfsetting"; + + /** + * CFStoredProc Tag. + */ + public static final String CFSTOREDPROC = "cfstoredproc"; + + /** + * CFTry Tag. + */ + public static final String CFTRY = "cftry"; + + /** + * CFWDDX Tag. + */ + public static final String CFWDDX = "cfwddx"; + + /** + * CFWhile Tag. + */ + public static final String CFWHILE = "cfwhile"; + + /** + * CFXML Tag. + */ + public static final String CFXML = "cfxml"; + + /** + * CFZIP Tag. + */ + public static final String CFZIP = "cfzip"; + + /** + * CF start of a comment. + */ + public static final String COMMENT = "!---"; + + /** + * CFScript component. + */ + public static final String COMPONENT = "component"; + + /** + * CFScript dbtype. + */ + public static final String DBTYPE = "dbtype"; + + /** + * CFScript debug. + */ + public static final String DEBUG = "debug"; + + /** + * CFScript default. + */ + public static final String DEFAULT = "default"; + + /** + * CFScript display name. + */ + public static final String DISPLAYNAME = "displayname"; + + /** + * CFScript function. + */ + public static final String FUNCTION = "function"; + + /** + * CF attribute group. + */ + public static final String GROUP = "group"; + + /** + * CF attribute hint. + */ + public static final String HINT = "hint"; + + /** + * CF attribute index. + */ + public static final String INDEX = "index"; + + /** + * CFScript interface. + */ + public static final String INTERFACE = "interface"; + + /** + * CF attribute item. + */ + public static final String ITEM = "item"; + + /** + * CF attribute name. + */ + public static final String NAME = "name"; + + /** + * CF attribute output. + */ + public static final String OUTPUT = "output"; + + /** + * CF attribute property name. + */ + public static final String PROPERTY_NAME = "propertyName"; + + /** + * CF attribute query. + */ + public static final String QUERY = "query"; + + /** + * CF attribute required. + */ + public static final String REQUIRED = "required"; + + /** + * CF attribute return variable. + */ + public static final String RETURNVARIABLE = "returnvariable"; + + /** + * CF attribute template. + */ + public static final String TEMPLATE = "template"; + + /** + * CF attribute type. + */ + public static final String TYPE = "type"; + + + /** + * CF scope application. + */ + public static final String APPLICATION = "application"; + + /** + * CF scope cgi. + */ + public static final String CGI = "cgi"; + + /** + * CF scope cookie. + */ + public static final String COOKIE = "cookie"; + + /** + * CF scope form. + */ + public static final String FORM = "form"; + + /** + * CF scope request. + */ + public static final String REQUEST = "request"; + + /** + * CF scope server. + */ + public static final String SERVER = "server"; + + /** + * CF scope session. + */ + public static final String SESSION = "session"; + + /** + * CF scope client. + */ + public static final String CLIENT = "client"; + + /** + * CF scope arguments. + */ + public static final String ARGUMENTS = "arguments"; + + /** + * CF scope variables. + */ + public static final String VARIABLES = "variables"; + + /** + * CF scope local. + */ + public static final String LOCAL = "local"; + + /** + * CF scope this. + */ + public static final String THIS = "this"; + + /** + * CF scope url. + */ + public static final String URL = "url"; + + private CF() { + throw new IllegalStateException("CF utility class"); + } +} + diff --git a/src/main/java/com/cflint/CFLint.java b/src/main/java/com/cflint/CFLint.java index 50192fd96..251b9c2cc 100644 --- a/src/main/java/com/cflint/CFLint.java +++ b/src/main/java/com/cflint/CFLint.java @@ -313,10 +313,10 @@ public void process(final String src, final String filename) throws ParseExcepti * @return */ private boolean isComponentOrInterfaceScript(final String src, final List elements) { - return (src.contains("component") - && (elements.isEmpty() || elements.get(0).getBegin() > src.indexOf("component"))) - || (src.contains("interface") - && (elements.isEmpty() || elements.get(0).getBegin() > src.indexOf("interface"))); + return (src.contains(CF.COMPONENT) + && (elements.isEmpty() || elements.get(0).getBegin() > src.indexOf(CF.COMPONENT))) + || (src.contains(CF.INTERFACE) + && (elements.isEmpty() || elements.get(0).getBegin() > src.indexOf(CF.INTERFACE))); } protected ParserTag getFirstTagQuietly(final CFMLSource cfmlSource) { @@ -335,7 +335,7 @@ public void processStack(final List elements, final String space, final final CFIdentifier functionName) throws ParseException, IOException { Element commentElement = null; for (final Element elem : elements) { - if (elem.getName().equals("!---")) { + if (elem.getName().equals(CF.COMMENT)) { commentElement = elem; } else { final Context context = new Context(filename, elem, functionName, false, handler); @@ -353,7 +353,7 @@ public void processStack(final List elements, final String space, final throws ParseException, IOException { Element commentElement = null; for (final Element elem : elements) { - if (elem.getName().equals("!---")) { + if (elem.getName().equals(CF.COMMENT)) { commentElement = elem; } else { final Context subContext = context.subContext(elem); @@ -377,33 +377,33 @@ private void process(final Element elem, final String space, final Context conte } try { currentElement = elem; - if (elem.getName().equalsIgnoreCase("cfcomponent")) { + if (elem.getName().equalsIgnoreCase(CF.CFCOMPONENT)) { final Context componentContext = context.subContext(elem); componentContext.setInComponent(true); - componentContext.setComponentName(elem.getAttributeValue("displayname")); + componentContext.setComponentName(elem.getAttributeValue(CF.DISPLAYNAME)); componentContext.setContextType(ContextType.COMPONENT); - handler.push("component"); + handler.push(CF.COMPONENT); doStructureStart(elem, componentContext, CFCompDeclStatement.class); - } else if (elem.getName().equalsIgnoreCase("cffunction")) { + } else if (elem.getName().equalsIgnoreCase(CF.CFFUNCTION)) { final Context functionContext = context.subContext(elem); - functionContext.setFunctionName(elem.getAttributeValue("name")); + functionContext.setFunctionName(elem.getAttributeValue(CF.NAME)); functionContext.setContextType(ContextType.FUNCTION); - handler.push("function"); + handler.push(CF.FUNCTION); doStructureStart(elem, functionContext, CFFuncDeclStatement.class); - } else if (elem.getName().equalsIgnoreCase("cfloop") && elem.getAttributeValue("query") != null) { + } else if (elem.getName().equalsIgnoreCase(CF.CFLOOP) && elem.getAttributeValue(CF.QUERY) != null) { // Give a cfloop for query its own context and set the column // names as variables if they are available final Context loopContext = context.subContext(elem); loopContext.setContextType(ContextType.QUERY_LOOP); - handler.push("cfloop"); + handler.push(CF.CFLOOP); - final String qryName = elem.getAttributeValue("query"); + final String qryName = elem.getAttributeValue(CF.QUERY); handler.addVariables(handler.getQueryColumns(qryName)); doStructureStart(elem, loopContext, CFFuncDeclStatement.class); } - if (elem.getName().equalsIgnoreCase("cfset") || elem.getName().equalsIgnoreCase("cfif") - || elem.getName().equalsIgnoreCase("cfelseif") || elem.getName().equalsIgnoreCase("cfreturn")) { + if (elem.getName().equalsIgnoreCase(CF.CFSET) || elem.getName().equalsIgnoreCase(CF.CFIF) + || elem.getName().equalsIgnoreCase(CF.CFELSEIF) || elem.getName().equalsIgnoreCase(CF.CFRETURN)) { scanElement(elem, context); final Pattern p = Pattern.compile("<\\w+\\s(.*[^/])/?>", Pattern.MULTILINE | Pattern.DOTALL); final String expr = elem.getFirstStartTag().toString(); @@ -425,14 +425,14 @@ private void process(final Element elem, final String space, final Context conte } processStack(elem.getChildElements(), space + " ", context); - } else if (elem.getName().equalsIgnoreCase("cfargument")) { + } else if (elem.getName().equalsIgnoreCase(CF.CFARGUMENT)) { scanElement(elem, context); - final String name = elem.getAttributeValue("name"); + final String name = elem.getAttributeValue(CF.NAME); if (name != null) { handler.addArgument(name); } processStack(elem.getChildElements(), space + " ", context); - } else if (elem.getName().equalsIgnoreCase("cfscript")) { + } else if (elem.getName().equalsIgnoreCase(CF.CFSCRIPT)) { scanElement(elem, context); String cfscript = elem.getContent().toString(); if (elem.getEndTag() == null) { @@ -454,9 +454,9 @@ private void process(final Element elem, final String space, final Context conte final Context subcontext = context.subContext(elem); process(scriptStatement, subcontext); processStack(elem.getChildElements(), space + " ", context); - } else if (elem.getName().equalsIgnoreCase("cffunction")) { + } else if (elem.getName().equalsIgnoreCase(CF.CFFUNCTION)) { final Context functionContext = context.subContext(elem); - functionContext.setFunctionName(elem.getAttributeValue("name")); + functionContext.setFunctionName(elem.getAttributeValue(CF.NAME)); functionContext.setContextType(ContextType.FUNCTION); scanElement(elem, functionContext); processStack(elem.getChildElements(), space + " ", functionContext); @@ -480,10 +480,10 @@ private void process(final Element elem, final String space, final Context conte } } handler.pop(); - } else if (elem.getName().equalsIgnoreCase("cfcomponent")) { + } else if (elem.getName().equalsIgnoreCase(CF.CFCOMPONENT)) { final Context componentContext = context.subContext(elem); componentContext.setInComponent(true); - componentContext.setComponentName(elem.getAttributeValue("displayname")); + componentContext.setComponentName(elem.getAttributeValue(CF.DISPLAYNAME)); componentContext.setContextType(ContextType.COMPONENT); scanElement(elem, componentContext); @@ -503,7 +503,7 @@ private void process(final Element elem, final String space, final Context conte } } handler.pop(); - } else if (elem.getName().equalsIgnoreCase("cfquery")) { + } else if (elem.getName().equalsIgnoreCase(CF.CFQUERY)) { scanElement(elem, context); for (final Entry expression : unpackTagExpressions(elem).entrySet()) { if (expression != null) { @@ -513,7 +513,7 @@ private void process(final Element elem, final String space, final Context conte final List list = elem.getAllElements(); processStack(list.subList(1, list.size()), space + " ", context); // Save any columns from the cfquery - final String qryName = elem.getAttributeValue("name"); + final String qryName = elem.getAttributeValue(CF.NAME); if (qryName != null && qryName.trim().length() > 0) { final String qryText = elem.getTextExtractor().toString().toUpperCase(); final Matcher m = Pattern.compile(".*SELECT\\s(\\w+(\\s*,\\s*\\w+)+)\\s+FROM\\s+.*") @@ -524,16 +524,16 @@ private void process(final Element elem, final String space, final Context conte handler.addQueryColumnSet(qryName, cols); } } - } else if (elem.getName().equalsIgnoreCase("cfqueryparam")) { + } else if (elem.getName().equalsIgnoreCase(CF.CFQUERYPARAM)) { scanElement(elem, context); for (final Entry expression : unpackTagExpressions(elem).entrySet()) { if (expression != null) { process(expression.getValue(), elem, context); } } - } else if (elem.getName().equalsIgnoreCase("cfinclude")) { + } else if (elem.getName().equalsIgnoreCase(CF.CFINCLUDE)) { scanElement(elem, context); - final String path = elem.getAttributeValue("template"); + final String path = elem.getAttributeValue(CF.TEMPLATE); final File include = new File(new File(context.getFilename()).getParentFile(), path); if (strictInclude || include.exists()) { if (includeFileStack.contains(include)) { @@ -544,7 +544,7 @@ private void process(final Element elem, final String space, final Context conte includeFileStack.pop(); } } - } else if (elem.getName().equalsIgnoreCase("cfloop") && elem.getAttributeValue("query") != null) { + } else if (elem.getName().equalsIgnoreCase(CF.CFLOOP) && elem.getAttributeValue(CF.QUERY) != null) { scanElement(elem, context); processStack(elem.getChildElements(), space + " ", context); handler.pop(); @@ -704,13 +704,13 @@ private void process(final CFScriptStatement expression, final Context context) try { // TODO fix this to use getPropertyName() when it is // available and not null. - final Field field = CFPropertyStatement.class.getDeclaredField("propertyName"); + final Field field = CFPropertyStatement.class.getDeclaredField(CF.PROPERTY_NAME); field.setAccessible(true); CFExpression value = (CFExpression) field.get(expression); if (value == null) { for (final Entry entry : ((CFPropertyStatement) expression) .getAttributes().entrySet()) { - if ("name".equals(entry.getKey().getName())) { + if (CF.NAME.equals(entry.getKey().getName())) { value = entry.getValue(); } } @@ -733,7 +733,7 @@ private void process(final CFScriptStatement expression, final Context context) componentContext.setInComponent(true); componentContext.setContextType(ContextType.COMPONENT); for (final Entry entry : compDeclStatement.getAttributes().entrySet()) { - if (entry.getKey() != null && entry.getKey().Decompile(0).equalsIgnoreCase("name")) { + if (entry.getKey() != null && entry.getKey().Decompile(0).equalsIgnoreCase(CF.NAME)) { componentContext.setComponentName(entry.getValue().Decompile(0)); } } @@ -828,7 +828,7 @@ private void process(final CFScriptStatement expression, final Context context) functionContext.setFunctionInfo(function); registerRuleOverrides(functionContext, function.getToken()); - handler.push("function"); + handler.push(CF.FUNCTION); for (final CFFunctionParameter param : function.getFormals()) { handler.addArgument(param.getName()); } @@ -998,7 +998,7 @@ protected void registerRuleOverrides(final Context context, final CFExpressionSt */ protected void applyRuleOverrides(final Context context, final Element commentElement) { - if (commentElement != null && "!---".equals(commentElement.getName())) { + if (commentElement != null && CF.COMMENT.equals(commentElement.getName())) { final String mlText = commentElement.toString(); final Pattern pattern = Pattern.compile(".*\\s*@CFLintIgnore\\s+([\\w,_]+)\\s*.*", Pattern.DOTALL); final Matcher matcher = pattern.matcher(mlText); @@ -1138,7 +1138,7 @@ protected boolean checkForDisabled(final Element element, final String msgcode) Element elem = element; while (elem != null) { final Element prevSibling = getPreviousSibling(elem); - if (prevSibling != null && prevSibling.getName().equals("!---")) { + if (prevSibling != null && prevSibling.getName().equals(CF.COMMENT)) { final Pattern p = Pattern.compile(".*---\\s*CFLINT-DISABLE\\s+(.*)\\s*---.*"); final Matcher m = p.matcher(prevSibling.toString().toUpperCase().trim()); if (m.matches()) { @@ -1475,5 +1475,4 @@ public void reportError(final org.antlr.v4.runtime.IntStream input, public void setStrictIncludes(final boolean strictInclude) { this.strictInclude = strictInclude; } - } diff --git a/src/main/java/com/cflint/plugins/core/ArgDefChecker.java b/src/main/java/com/cflint/plugins/core/ArgDefChecker.java index f4420e027..52756a2d7 100644 --- a/src/main/java/com/cflint/plugins/core/ArgDefChecker.java +++ b/src/main/java/com/cflint/plugins/core/ArgDefChecker.java @@ -1,6 +1,7 @@ package com.cflint.plugins.core; import com.cflint.BugList; +import com.cflint.CF; import com.cflint.plugins.CFLintScannerAdapter; import com.cflint.plugins.Context; import com.cflint.tools.CFTool; @@ -19,7 +20,7 @@ public void expression(final CFScriptStatement expression, final Context context for (final CFFunctionParameter argument : function.getFormals()) { // handler.addArgument(param.getName()); final String name = argument.getName(); - if (!argument.toString().contains("required") && !argument.toString().contains("=")) { + if (!argument.toString().contains(CF.REQUIRED) && !argument.toString().contains("=")) { context.addMessage("ARG_DEFAULT_MISSING", name); } } @@ -28,10 +29,10 @@ public void expression(final CFScriptStatement expression, final Context context @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals("cfargument")) { - final String name = element.getAttributeValue("name"); - final boolean required = CFTool.toBoolean(element.getAttributeValue("required")); - final String defaultExpr = element.getAttributeValue("default"); + if (element.getName().equals(CF.CFARGUMENT)) { + final String name = element.getAttributeValue(CF.NAME); + final boolean required = CFTool.toBoolean(element.getAttributeValue(CF.REQUIRED)); + final String defaultExpr = element.getAttributeValue(CF.DEFAULT); if (!required && defaultExpr == null) { element.getSource().getRow(element.getBegin()); element.getSource().getColumn(element.getBegin()); diff --git a/src/main/java/com/cflint/plugins/core/ArgDefConditionChecker.java b/src/main/java/com/cflint/plugins/core/ArgDefConditionChecker.java index 7dacd40c2..6e3951354 100644 --- a/src/main/java/com/cflint/plugins/core/ArgDefConditionChecker.java +++ b/src/main/java/com/cflint/plugins/core/ArgDefConditionChecker.java @@ -1,6 +1,7 @@ package com.cflint.plugins.core; import com.cflint.BugList; +import com.cflint.CF; import com.cflint.plugins.CFLintScannerAdapter; import com.cflint.plugins.Context; import com.cflint.tools.CFTool; @@ -21,7 +22,7 @@ public void expression(final CFScriptStatement expression, final Context context for (final CFFunctionParameter argument : function.getFormals()) { final String name = argument.getName(); final boolean checked = isCheck(code, name); - if (!argument.toString().contains("required") && !argument.toString().contains("=") && !checked) { + if (!argument.toString().contains(CF.REQUIRED) && !argument.toString().contains("=") && !checked) { context.addMessage("ARG_DEFAULT_MISSING", name); } } @@ -30,10 +31,10 @@ public void expression(final CFScriptStatement expression, final Context context @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals("cfargument")) { - final String name = element.getAttributeValue("name"); - final boolean required = CFTool.toBoolean(element.getAttributeValue("required")); - final String defaultExpr = element.getAttributeValue("default"); + if (element.getName().equals(CF.CFARGUMENT)) { + final String name = element.getAttributeValue(CF.NAME); + final boolean required = CFTool.toBoolean(element.getAttributeValue(CF.REQUIRED)); + final String defaultExpr = element.getAttributeValue(CF.DEFAULT); final String code = element.getParentElement().toString(); final boolean checked = isCheck(code, name); diff --git a/src/main/java/com/cflint/plugins/core/ArgHintChecker.java b/src/main/java/com/cflint/plugins/core/ArgHintChecker.java index 68bcb9d35..c9a33f2d9 100644 --- a/src/main/java/com/cflint/plugins/core/ArgHintChecker.java +++ b/src/main/java/com/cflint/plugins/core/ArgHintChecker.java @@ -9,6 +9,7 @@ import java.util.regex.Pattern; import com.cflint.BugList; +import com.cflint.CF; import com.cflint.plugins.CFLintScannerAdapter; import com.cflint.plugins.Context; import com.cflint.tools.PrecedingCommentReader; @@ -22,9 +23,9 @@ public class ArgHintChecker extends CFLintScannerAdapter { @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals("cfargument")) { - final String name = element.getAttributeValue("name"); - final String hint = element.getAttributeValue("hint"); + if (element.getName().equals(CF.CFARGUMENT)) { + final String name = element.getAttributeValue(CF.NAME); + final String hint = element.getAttributeValue(CF.HINT); if (hint == null || hint.length() == 0) { context.addMessage("ARG_HINT_MISSING", name); } diff --git a/src/main/java/com/cflint/plugins/core/ArgTypeChecker.java b/src/main/java/com/cflint/plugins/core/ArgTypeChecker.java index 5d5cb0ebb..bcafe0222 100644 --- a/src/main/java/com/cflint/plugins/core/ArgTypeChecker.java +++ b/src/main/java/com/cflint/plugins/core/ArgTypeChecker.java @@ -1,6 +1,7 @@ package com.cflint.plugins.core; import com.cflint.BugList; +import com.cflint.CF; import com.cflint.plugins.CFLintScannerAdapter; import com.cflint.plugins.Context; @@ -31,9 +32,9 @@ public void expression(final CFScriptStatement expression, final Context context @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals("cfargument")) { - final String name = element.getAttributeValue("name"); - final String variableType = element.getAttributeValue("type"); + if (element.getName().equals(CF.CFARGUMENT)) { + final String name = element.getAttributeValue(CF.NAME); + final String variableType = element.getAttributeValue(CF.TYPE); if (variableType == null) { context.addMessage("ARG_TYPE_MISSING", name); diff --git a/src/main/java/com/cflint/plugins/core/ArgumentNameChecker.java b/src/main/java/com/cflint/plugins/core/ArgumentNameChecker.java index b58e59162..4d5ba7f2c 100644 --- a/src/main/java/com/cflint/plugins/core/ArgumentNameChecker.java +++ b/src/main/java/com/cflint/plugins/core/ArgumentNameChecker.java @@ -1,6 +1,7 @@ package com.cflint.plugins.core; import com.cflint.BugList; +import com.cflint.CF; import com.cflint.plugins.CFLintScannerAdapter; import com.cflint.plugins.Context; @@ -28,9 +29,9 @@ public void expression(final CFScriptStatement expression, final Context context @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals("cfargument")) { + if (element.getName().equals(CF.CFARGUMENT)) { final int lineNo = context.startLine(); - final String name = element.getAttributeValue("name"); + final String name = element.getAttributeValue(CF.NAME); if (name != null && name.length() > 0) { checkNameForBugs(context, name, context.getFilename(), context.getFunctionName(), lineNo, bugs); } else { diff --git a/src/main/java/com/cflint/plugins/core/ArrayNewChecker.java b/src/main/java/com/cflint/plugins/core/ArrayNewChecker.java index 79d629b97..ce8320bbe 100644 --- a/src/main/java/com/cflint/plugins/core/ArrayNewChecker.java +++ b/src/main/java/com/cflint/plugins/core/ArrayNewChecker.java @@ -1,6 +1,7 @@ package com.cflint.plugins.core; import com.cflint.BugList; +import com.cflint.CF; import com.cflint.plugins.CFLintScannerAdapter; import com.cflint.plugins.Context; @@ -25,7 +26,7 @@ public void expression(final CFScriptStatement expression, final Context context @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals("cfset")) { + if (element.getName().equals(CF.CFSET)) { final String content = element.getStartTag().getTagContent().toString(); if (content.toLowerCase().contains("arraynew(1)")) { diff --git a/src/main/java/com/cflint/plugins/core/CFDebugAttributeChecker.java b/src/main/java/com/cflint/plugins/core/CFDebugAttributeChecker.java index 39090e999..d12adc798 100644 --- a/src/main/java/com/cflint/plugins/core/CFDebugAttributeChecker.java +++ b/src/main/java/com/cflint/plugins/core/CFDebugAttributeChecker.java @@ -1,6 +1,7 @@ package com.cflint.plugins.core; import com.cflint.BugList; +import com.cflint.CF; import com.cflint.plugins.CFLintScannerAdapter; import com.cflint.plugins.Context; @@ -18,11 +19,11 @@ public void element(final Element element, final Context context, final BugList if (attributes == null) { return; } - final Attribute debugAttr = attributes.get("debug"); + final Attribute debugAttr = attributes.get(CF.DEBUG); if (debugAttr != null) { context.addMessage("AVOID_USING_DEBUG_ATTR", null); } - if (element.getName().equalsIgnoreCase("cfsetting")) { + if (element.getName().equalsIgnoreCase(CF.CFSETTING)) { final Attribute showDebugOutputAttr = element.getAttributes().get("showDebugOutput"); if (showDebugOutputAttr != null) { if ("Yes".equalsIgnoreCase(showDebugOutputAttr.getValue()) diff --git a/src/main/java/com/cflint/plugins/core/CFQueryChecker.java b/src/main/java/com/cflint/plugins/core/CFQueryChecker.java index 868a5e273..fbd91b1fc 100644 --- a/src/main/java/com/cflint/plugins/core/CFQueryChecker.java +++ b/src/main/java/com/cflint/plugins/core/CFQueryChecker.java @@ -1,6 +1,7 @@ package com.cflint.plugins.core; import com.cflint.BugList; +import com.cflint.CF; import com.cflint.plugins.CFLintScannerAdapter; import com.cflint.plugins.Context; @@ -17,7 +18,7 @@ public void element(final Element element, final Context context, final BugList final String file = context.getFilename(); final String ext = file.substring(file.length() - 3, file.length()); final String tagName = element.getName(); - if (tagName.equals("cfquery") && ext.equals("cfm")) { + if (tagName.equals(CF.CFQUERY) && ext.equals("cfm")) { final int begLine = element.getSource().getRow(element.getBegin()); context.addMessage(messageCode, null, this, begLine); } diff --git a/src/main/java/com/cflint/plugins/core/CFScopes.java b/src/main/java/com/cflint/plugins/core/CFScopes.java index b277cbc29..235c2d8a5 100644 --- a/src/main/java/com/cflint/plugins/core/CFScopes.java +++ b/src/main/java/com/cflint/plugins/core/CFScopes.java @@ -5,12 +5,12 @@ import cfml.parsing.cfscript.CFExpression; import cfml.parsing.cfscript.CFFullVarExpression; +import com.cflint.CF; public class CFScopes { - public static final String LOCAL = "local"; - final static Collection scopes = Arrays.asList("url", "form", "cookie", "cgi", "server", "application", - "session", "client", "request", "arguments", "variables", "this", LOCAL, "cfcatch"); + final static Collection scopes = Arrays.asList(CF.URL, CF.FORM, CF.COOKIE, CF.CGI, CF.SERVER, CF.APPLICATION, + CF.SESSION, CF.CLIENT, CF.REQUEST, CF.ARGUMENTS, CF.VARIABLES, CF.THIS, CF.LOCAL, CF.CFCATCH); protected String[] parts(final String variable) { return variable.toLowerCase().split("\\.|\\[|\\]"); @@ -50,14 +50,14 @@ public boolean isScoped(final CFFullVarExpression variable,String scope) { } public boolean isLocalScoped(final String variable) { - return isScoped(variable, LOCAL); + return isScoped(variable, CF.LOCAL); } public boolean isVariablesScoped(final String variable) { - return isScoped(variable, "variables"); + return isScoped(variable, CF.VARIABLES); } public boolean isFunctionScoped(final String variable) { - return isScoped(variable, LOCAL) || isScoped(variable, "variables") || isScoped(variable, "arguments") || isScoped(variable, "cfcatch"); + return isScoped(variable, CF.LOCAL) || isScoped(variable, CF.VARIABLES) || isScoped(variable, CF.ARGUMENTS) || isScoped(variable, CF.CFCATCH); } } \ No newline at end of file diff --git a/src/main/java/com/cflint/plugins/core/ComponentDisplayNameChecker.java b/src/main/java/com/cflint/plugins/core/ComponentDisplayNameChecker.java index 4be254de2..323bac8c5 100644 --- a/src/main/java/com/cflint/plugins/core/ComponentDisplayNameChecker.java +++ b/src/main/java/com/cflint/plugins/core/ComponentDisplayNameChecker.java @@ -1,5 +1,6 @@ package com.cflint.plugins.core; +import com.cflint.CF; import com.cflint.Levels; import com.cflint.BugList; import com.cflint.plugins.CFLintScannerAdapter; @@ -12,9 +13,9 @@ public class ComponentDisplayNameChecker extends CFLintScannerAdapter { @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals("cfcomponent")) { + if (element.getName().equals(CF.CFCOMPONENT)) { final String name = context.getComponentName(); - final String nameAttribute = element.getAttributeValue("name"); + final String nameAttribute = element.getAttributeValue(CF.NAME); if (nameAttribute != null) { didYouMeanDisplayName(name, context, bugs); diff --git a/src/main/java/com/cflint/plugins/core/ComponentHintChecker.java b/src/main/java/com/cflint/plugins/core/ComponentHintChecker.java index 82d1d3d3a..bea3b92a5 100644 --- a/src/main/java/com/cflint/plugins/core/ComponentHintChecker.java +++ b/src/main/java/com/cflint/plugins/core/ComponentHintChecker.java @@ -3,6 +3,7 @@ import java.util.regex.Matcher; import java.util.regex.Pattern; +import com.cflint.CF; import com.cflint.Levels; import com.cflint.BugList; import com.cflint.plugins.CFLintScannerAdapter; @@ -16,14 +17,15 @@ import net.htmlparser.jericho.Element; public class ComponentHintChecker extends CFLintScannerAdapter { - final Levels severity = Levels.INFO; + private final Levels severity = Levels.INFO; + private final String componentHintMissing = "COMPONENT_HINT_MISSING"; @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals("cfcomponent")) { - final String hint = element.getAttributeValue("hint"); + if (element.getName().equals(CF.CFCOMPONENT)) { + final String hint = element.getAttributeValue(CF.HINT); if (hint == null || hint.trim().isEmpty()) { - context.addMessage("COMPONENT_HINT_MISSING", context.calcComponentName()); + context.addMessage(componentHintMissing, context.calcComponentName()); } } } @@ -43,11 +45,11 @@ public void expression(CFScriptStatement expression, Context context, BugList bu if (matcher.matches()) { String hintText = matcher.group(1); if (hintText.trim().isEmpty()) { - context.addMessage("COMPONENT_HINT_MISSING", context.calcComponentName()); + context.addMessage(componentHintMissing, context.calcComponentName()); } } } else { - context.addMessage("COMPONENT_HINT_MISSING", context.calcComponentName()); + context.addMessage(componentHintMissing, context.calcComponentName()); } } } diff --git a/src/main/java/com/cflint/plugins/core/ComponentLengthChecker.java b/src/main/java/com/cflint/plugins/core/ComponentLengthChecker.java index 4a0c85569..a6af41579 100644 --- a/src/main/java/com/cflint/plugins/core/ComponentLengthChecker.java +++ b/src/main/java/com/cflint/plugins/core/ComponentLengthChecker.java @@ -1,5 +1,6 @@ package com.cflint.plugins.core; +import com.cflint.CF; import com.cflint.Levels; import com.cflint.BugList; import com.cflint.plugins.CFLintScannerAdapter; @@ -30,7 +31,7 @@ public void expression(final CFScriptStatement expression, final Context context public void element(final Element element, final Context context, final BugList bugs) { final String elementName = element.getName(); - if (elementName.equals("cfcomponent")) { + if (elementName.equals(CF.CFCOMPONENT)) { // this includes whitespace-change it final int total = element.getAllStartTags().size(); diff --git a/src/main/java/com/cflint/plugins/core/ComponentNameChecker.java b/src/main/java/com/cflint/plugins/core/ComponentNameChecker.java index 241b98ce9..b1f87a328 100644 --- a/src/main/java/com/cflint/plugins/core/ComponentNameChecker.java +++ b/src/main/java/com/cflint/plugins/core/ComponentNameChecker.java @@ -1,5 +1,6 @@ package com.cflint.plugins.core; +import com.cflint.CF; import com.cflint.Levels; import com.cflint.BugList; import com.cflint.plugins.CFLintScannerAdapter; @@ -25,7 +26,7 @@ public void expression(final CFScriptStatement expression, final Context context @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals("cfcomponent")) { + if (element.getName().equals(CF.CFCOMPONENT)) { final String name = context.getFilename().replace(".cfc", ""); checkNameForBugs(context, actualFileName(name), context.getFilename(), bugs); } diff --git a/src/main/java/com/cflint/plugins/core/FunctionHintChecker.java b/src/main/java/com/cflint/plugins/core/FunctionHintChecker.java index 02314cb7d..f736e3d88 100644 --- a/src/main/java/com/cflint/plugins/core/FunctionHintChecker.java +++ b/src/main/java/com/cflint/plugins/core/FunctionHintChecker.java @@ -3,6 +3,7 @@ import java.util.regex.Matcher; import java.util.regex.Pattern; +import com.cflint.CF; import com.cflint.Levels; import com.cflint.BugList; import com.cflint.plugins.CFLintScannerAdapter; @@ -16,14 +17,15 @@ import net.htmlparser.jericho.Element; public class FunctionHintChecker extends CFLintScannerAdapter { - final Levels severity = Levels.INFO; + private final Levels severity = Levels.INFO; + private final String functionHintMissing = "FUNCTION_HINT_MISSING"; @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals("cffunction")) { + if (element.getName().equals(CF.CFFUNCTION)) { final String hint = element.getAttributeValue("hint"); if (hint == null || hint.trim().isEmpty()) { - context.addMessage("FUNCTION_HINT_MISSING", context.getFunctionName()); + context.addMessage(functionHintMissing, context.getFunctionName()); } } } @@ -43,11 +45,11 @@ public void expression(CFScriptStatement expression, Context context, BugList bu if (matcher.matches()) { String hintText = matcher.group(1); if (hintText.trim().isEmpty()) { - context.addMessage("FUNCTION_HINT_MISSING", context.getFunctionName()); + context.addMessage(functionHintMissing, context.getFunctionName()); } } } else { - context.addMessage("FUNCTION_HINT_MISSING", context.getFunctionName()); + context.addMessage(functionHintMissing, context.getFunctionName()); } } } diff --git a/src/main/java/com/cflint/plugins/core/FunctionLengthChecker.java b/src/main/java/com/cflint/plugins/core/FunctionLengthChecker.java index 43c64e7ed..98bfab92f 100644 --- a/src/main/java/com/cflint/plugins/core/FunctionLengthChecker.java +++ b/src/main/java/com/cflint/plugins/core/FunctionLengthChecker.java @@ -1,5 +1,6 @@ package com.cflint.plugins.core; +import com.cflint.CF; import com.cflint.Levels; import com.cflint.BugList; import com.cflint.plugins.CFLintScannerAdapter; @@ -31,7 +32,7 @@ public void expression(final CFScriptStatement expression, final Context context public void element(final Element element, final Context context, final BugList bugs) { final String elementName = element.getName(); - if (elementName.equals("cffunction")) { + if (elementName.equals(CF.CFFUNCTION)) { // this includes whitespace-change it final int begLine = element.getSource().getRow(element.getBegin()); // int endLine = element.getSource().getRow(element.getEnd()); diff --git a/src/main/java/com/cflint/plugins/core/FunctionTypeChecker.java b/src/main/java/com/cflint/plugins/core/FunctionTypeChecker.java index 6f4444b33..4d7c69fc3 100644 --- a/src/main/java/com/cflint/plugins/core/FunctionTypeChecker.java +++ b/src/main/java/com/cflint/plugins/core/FunctionTypeChecker.java @@ -1,5 +1,6 @@ package com.cflint.plugins.core; +import com.cflint.CF; import com.cflint.Levels; import com.cflint.BugList; import com.cflint.plugins.CFLintScannerAdapter; @@ -25,7 +26,7 @@ public void expression(final CFScriptStatement expression, final Context context @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals("cffunction")) { + if (element.getName().equals(CF.CFFUNCTION)) { final int begLine = element.getSource().getRow(element.getBegin()); final String functionType = element.getAttributeValue("returnType"); diff --git a/src/main/java/com/cflint/plugins/core/MethodNameChecker.java b/src/main/java/com/cflint/plugins/core/MethodNameChecker.java index daa897ea9..4717e0e9b 100644 --- a/src/main/java/com/cflint/plugins/core/MethodNameChecker.java +++ b/src/main/java/com/cflint/plugins/core/MethodNameChecker.java @@ -1,5 +1,6 @@ package com.cflint.plugins.core; +import com.cflint.CF; import com.cflint.Levels; import com.cflint.BugList; import com.cflint.plugins.CFLintScannerAdapter; @@ -26,7 +27,7 @@ public void expression(final CFScriptStatement expression, final Context context @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals("cffunction")) { + if (element.getName().equals(CF.CFFUNCTION)) { final int lineNo = element.getSource().getRow(element.getBegin()); checkNameForBugs(context, lineNo); } diff --git a/src/main/java/com/cflint/plugins/core/NestedCFOutput.java b/src/main/java/com/cflint/plugins/core/NestedCFOutput.java index c645c3ff1..1d8136150 100644 --- a/src/main/java/com/cflint/plugins/core/NestedCFOutput.java +++ b/src/main/java/com/cflint/plugins/core/NestedCFOutput.java @@ -1,6 +1,7 @@ package com.cflint.plugins.core; import com.cflint.BugList; +import com.cflint.CF; import com.cflint.plugins.CFLintScannerAdapter; import com.cflint.plugins.Context; import com.cflint.tools.CFTool; @@ -9,14 +10,12 @@ public class NestedCFOutput extends CFLintScannerAdapter { - public static final String CFOUTPUT = "cfoutput"; - @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals(CFOUTPUT)) { - final Element parent = CFTool.getNamedParent(element, CFOUTPUT); + if (element.getName().equals(CF.CFOUTPUT)) { + final Element parent = CFTool.getNamedParent(element, CF.CFOUTPUT); if (parent != null) { - if (parent.getAttributeValue("group") == null && anyContainingCFOutputHasQuery(parent)) { + if (parent.getAttributeValue(CF.GROUP) == null && anyContainingCFOutputHasQuery(parent)) { element.getSource().getRow(element.getBegin()); element.getSource().getColumn(element.getBegin()); context.addMessage("NESTED_CFOUTPUT", ""); @@ -29,10 +28,10 @@ final boolean anyContainingCFOutputHasQuery(final Element element) { if (element == null) { return false; } - if (element.getAttributeValue("query") != null) { + if (element.getAttributeValue(CF.QUERY) != null) { return true; } - return anyContainingCFOutputHasQuery(CFTool.getNamedParent(element, CFOUTPUT)); + return anyContainingCFOutputHasQuery(CFTool.getNamedParent(element, CF.CFOUTPUT)); } } diff --git a/src/main/java/com/cflint/plugins/core/OutputParmMissing.java b/src/main/java/com/cflint/plugins/core/OutputParmMissing.java index 2fa183e03..37268edf1 100644 --- a/src/main/java/com/cflint/plugins/core/OutputParmMissing.java +++ b/src/main/java/com/cflint/plugins/core/OutputParmMissing.java @@ -1,6 +1,7 @@ package com.cflint.plugins.core; import com.cflint.BugList; +import com.cflint.CF; import com.cflint.plugins.CFLintScannerAdapter; import com.cflint.plugins.Context; @@ -10,11 +11,11 @@ public class OutputParmMissing extends CFLintScannerAdapter { @Override public void element(final Element element, final Context context, final BugList bugs) { - if (// element.getName().equals("cfcomponent") || - element.getName().equals("cffunction")) { - final String outputAttr = element.getAttributeValue("output"); + if (// element.getName().equals(CF.CFCOMPONENT) || + element.getName().equals(CF.CFFUNCTION)) { + final String outputAttr = element.getAttributeValue(CF.OUTPUT); if (outputAttr == null) { - context.addMessage("OUTPUT_ATTR", element.getAttributeValue("name")); + context.addMessage("OUTPUT_ATTR", element.getAttributeValue(CF.NAME)); } } } diff --git a/src/main/java/com/cflint/plugins/core/QueryParamChecker.java b/src/main/java/com/cflint/plugins/core/QueryParamChecker.java index c471e3f73..689a26f35 100644 --- a/src/main/java/com/cflint/plugins/core/QueryParamChecker.java +++ b/src/main/java/com/cflint/plugins/core/QueryParamChecker.java @@ -6,6 +6,7 @@ import java.util.regex.Pattern; import com.cflint.BugList; +import com.cflint.CF; import com.cflint.plugins.CFLintScannerAdapter; import com.cflint.plugins.Context; @@ -33,7 +34,7 @@ public void expression(final CFExpression expression, final Context context, fin @Override public void element(final Element element, final Context context, final BugList bugs) { if ( - element.getName().equalsIgnoreCase("cfquery") && !"query".equalsIgnoreCase(element.getAttributeValue("dbtype"))) { + element.getName().equalsIgnoreCase(CF.CFQUERY) && !CF.QUERY.equalsIgnoreCase(element.getAttributeValue(CF.DBTYPE))) { String content = element.getContent().toString(); //Todo : cfparser/Jericho does not support parsing out the cfqueryparam very well. // the following code will not work when there is a > sign in the expression diff --git a/src/main/java/com/cflint/plugins/core/SelectStarChecker.java b/src/main/java/com/cflint/plugins/core/SelectStarChecker.java index 43ebef670..7ca6fdee8 100644 --- a/src/main/java/com/cflint/plugins/core/SelectStarChecker.java +++ b/src/main/java/com/cflint/plugins/core/SelectStarChecker.java @@ -1,6 +1,7 @@ package com.cflint.plugins.core; import com.cflint.BugList; +import com.cflint.CF; import com.cflint.plugins.CFLintScannerAdapter; import com.cflint.plugins.Context; @@ -14,7 +15,7 @@ public class SelectStarChecker extends CFLintScannerAdapter { @Override public void element(final Element element, final Context context, final BugList bugs) { final String tagName = element.getName(); - if (tagName.equals("cfquery")) { + if (tagName.equals(CF.CFQUERY)) { String queryGuts = element.getContent().toString().replaceAll("\\s+", ""); queryGuts = queryGuts.toLowerCase(); diff --git a/src/main/java/com/cflint/plugins/core/SimpleComplexityChecker.java b/src/main/java/com/cflint/plugins/core/SimpleComplexityChecker.java index 491ac0152..65d47da56 100644 --- a/src/main/java/com/cflint/plugins/core/SimpleComplexityChecker.java +++ b/src/main/java/com/cflint/plugins/core/SimpleComplexityChecker.java @@ -1,5 +1,6 @@ package com.cflint.plugins.core; +import com.cflint.CF; import com.cflint.Levels; import com.cflint.BugList; import com.cflint.plugins.CFLintScannerAdapter; @@ -60,17 +61,17 @@ else if (expression.getClass().equals(CFIfStatement.class) || expression.getClas public void element(final Element element, final Context context, final BugList bugs) { final String name = element.getName(); - if (name.equalsIgnoreCase("cffunction")) { + if (name.equalsIgnoreCase(CF.CFFUNCTION)) { functionLineNo = element.getSource().getRow(element.getBegin()); complexity = 0; alreadyTooComplex = false; } else { - if (name.equalsIgnoreCase("cfif") || name.equalsIgnoreCase("cfelse") || name.equalsIgnoreCase("cfelseif") - || name.equalsIgnoreCase("cfloop") || name.equalsIgnoreCase("cfwhile") - || name.equalsIgnoreCase("cfoutput") // TODO could check for + if (name.equalsIgnoreCase(CF.CFIF) || name.equalsIgnoreCase(CF.CFELSE) || name.equalsIgnoreCase(CF.CFELSEIF) + || name.equalsIgnoreCase(CF.CFLOOP) || name.equalsIgnoreCase(CF.CFWHILE) + || name.equalsIgnoreCase(CF.CFOUTPUT) // TODO could check for // query= - || name.equalsIgnoreCase("cfcase") || name.equalsIgnoreCase("cfdefaultcase") - || name.equalsIgnoreCase("cftry") || name.equalsIgnoreCase("cfcatch")) { + || name.equalsIgnoreCase(CF.CFCASE) || name.equalsIgnoreCase(CF.CFDEFAULTCASE) + || name.equalsIgnoreCase(CF.CFTRY) || name.equalsIgnoreCase(CF.CFCATCH)) { complexity++; checkComplexity(context.getFunctionName(), functionLineNo, context, bugs); } diff --git a/src/main/java/com/cflint/plugins/core/TooManyArgumentsChecker.java b/src/main/java/com/cflint/plugins/core/TooManyArgumentsChecker.java index 21751301a..1a0ad4168 100644 --- a/src/main/java/com/cflint/plugins/core/TooManyArgumentsChecker.java +++ b/src/main/java/com/cflint/plugins/core/TooManyArgumentsChecker.java @@ -1,5 +1,6 @@ package com.cflint.plugins.core; +import com.cflint.CF; import com.cflint.Levels; import com.cflint.BugList; import com.cflint.plugins.CFLintScannerAdapter; @@ -29,16 +30,16 @@ public void expression(final CFScriptStatement expression, final Context context @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals("cffunction")) { + if (element.getName().equals(CF.CFFUNCTION)) { functionLine = element.getSource().getRow(element.getBegin()); argumentCount = 0; - } else if (element.getName().equals("cfargument")) { + } else if (element.getName().equals(CF.CFARGUMENT)) { argumentCount++; } // No easy way of detecting end tag so assumes functions will contain // some code // otherwise the argument count will be off by one - else if (!element.getName().equals("!---") && argumentCount > 0) { + else if (!element.getName().equals(CF.COMMENT) && argumentCount > 0) { checkNumberArguments(argumentCount, functionLine, context, bugs); argumentCount = 0; functionLine = 0; diff --git a/src/main/java/com/cflint/plugins/core/TooManyFunctionsChecker.java b/src/main/java/com/cflint/plugins/core/TooManyFunctionsChecker.java index 5d30e99ce..dbb55c5ac 100644 --- a/src/main/java/com/cflint/plugins/core/TooManyFunctionsChecker.java +++ b/src/main/java/com/cflint/plugins/core/TooManyFunctionsChecker.java @@ -1,5 +1,6 @@ package com.cflint.plugins.core; +import com.cflint.CF; import com.cflint.Levels; import com.cflint.BugList; import com.cflint.plugins.CFLintScannerAdapter; @@ -29,7 +30,7 @@ public void expression(final CFScriptStatement expression, final Context context @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals("cffunction") && !trivalFunction(context.getFunctionName())) { + if (element.getName().equals(CF.CFFUNCTION) && !trivalFunction(context.getFunctionName())) { functionCount++; checkNumberFunctions(functionCount, 1, context, bugs); } diff --git a/src/main/java/com/cflint/plugins/core/UnusedArgumentChecker.java b/src/main/java/com/cflint/plugins/core/UnusedArgumentChecker.java index 0f25df177..83a92411b 100644 --- a/src/main/java/com/cflint/plugins/core/UnusedArgumentChecker.java +++ b/src/main/java/com/cflint/plugins/core/UnusedArgumentChecker.java @@ -5,6 +5,7 @@ import java.util.Map; import com.cflint.BugList; +import com.cflint.CF; import com.cflint.plugins.CFLintScannerAdapter; import com.cflint.plugins.Context; @@ -24,9 +25,9 @@ public class UnusedArgumentChecker extends CFLintScannerAdapter { @Override public void element(final Element element, final Context context, final BugList bugs) { - if (element.getName().equals("cfargument")) { - final String name = element.getAttributeValue("name") != null - ? element.getAttributeValue("name").toLowerCase() : ""; + if (element.getName().equals(CF.CFARGUMENT)) { + final String name = element.getAttributeValue(CF.NAME) != null + ? element.getAttributeValue(CF.NAME).toLowerCase() : ""; methodArguments.put(name, false); setArgumentLineNo(name, context.startLine()); final String code = element.getParentElement().toString(); diff --git a/src/main/java/com/cflint/plugins/core/VarScoper.java b/src/main/java/com/cflint/plugins/core/VarScoper.java index e63f9984a..7c3dbd6d9 100644 --- a/src/main/java/com/cflint/plugins/core/VarScoper.java +++ b/src/main/java/com/cflint/plugins/core/VarScoper.java @@ -7,6 +7,7 @@ import java.util.Map; import com.cflint.BugList; +import com.cflint.CF; import com.cflint.plugins.CFLintScannerAdapter; import com.cflint.plugins.Context; @@ -22,12 +23,12 @@ public class VarScoper extends CFLintScannerAdapter { public static final String VARIABLE = "variable"; public static final String RESULT = "result"; - final Map> CHECK_ELEMENT_ATTRIBUTES = new HashMap>(); - final List CHECK_NAMES = Arrays.asList(new String[] { "cfquery", "cfstoredproc", "cffeed", "cfdirectory", - "cfform", "cfftp", "cfobject", "cfsearch", "cfprocresult", "cfpop", "cfregistry", "cfreport", "cfdbinfo", - "cfdocument", "cfcollection", "cfpdf", "cfzip", "cfldap" }); - final static Collection variables = Arrays.asList("APPLICATION", "CGI", "COOKIE", "FORM", "REQUEST", - "SERVER", "SESSION", "URL"); + private final Map> checkElementAttributes = new HashMap>(); + private final List checkNames = Arrays.asList(CF.CFQUERY, CF.CFSTOREDPROC, CF.CFFEED, CF.CFDIRECTORY, + CF.CFFORM, CF.CFFTP, CF.CFOBJECT, CF.CFSEARCH, CF.CFPROCRESULT, CF.CFPOP, CF.CFREGISTRY, CF.CFREPORT, + CF.CFDBINFO, CF.CFDOCUMENT, CF.CFCOLLECTION, CF.CFPDF, CF.CFZIP, CF.CFLDAP); + private final Collection scopes = Arrays.asList(CF.APPLICATION, CF.CGI, CF.COOKIE, CF.FORM, CF.REQUEST, + CF.SERVER, CF.SESSION, CF.URL); @Override public void expression(final CFExpression expression, final Context context, final BugList bugs) { @@ -57,19 +58,18 @@ public void expression(final CFScriptStatement expression, final Context context } public VarScoper() { - // CHECK_ELEMENT_ATTRIBUTES.put("cfloop", - // Arrays.asList("index","item")); - CHECK_ELEMENT_ATTRIBUTES.put("cfinvoke", Arrays.asList("returnvariable")); - CHECK_ELEMENT_ATTRIBUTES.put("cffile", Arrays.asList(VARIABLE)); - CHECK_ELEMENT_ATTRIBUTES.put("cfsavecontent", Arrays.asList(VARIABLE)); - CHECK_ELEMENT_ATTRIBUTES.put("cfhttp", Arrays.asList(RESULT)); - CHECK_ELEMENT_ATTRIBUTES.put("cfquery", Arrays.asList(RESULT)); - CHECK_ELEMENT_ATTRIBUTES.put("cfmail", Arrays.asList("query")); - CHECK_ELEMENT_ATTRIBUTES.put("cfftp", Arrays.asList(RESULT)); - CHECK_ELEMENT_ATTRIBUTES.put("cfwddx", Arrays.asList("output")); - CHECK_ELEMENT_ATTRIBUTES.put("cfexecute", Arrays.asList(VARIABLE)); - CHECK_ELEMENT_ATTRIBUTES.put("cfntauthenticate", Arrays.asList(RESULT)); - CHECK_ELEMENT_ATTRIBUTES.put("cfxml", Arrays.asList(VARIABLE)); + // checkElementAttributes.put(CF.CFLOOP, Arrays.asList(CF.index, CF.ITEM)); + checkElementAttributes.put(CF.CFINVOKE, Arrays.asList(CF.RETURNVARIABLE)); + checkElementAttributes.put(CF.CFFILE, Arrays.asList(VARIABLE)); + checkElementAttributes.put(CF.CFSAVECONTENT, Arrays.asList(VARIABLE)); + checkElementAttributes.put(CF.CFHTTP, Arrays.asList(RESULT)); + checkElementAttributes.put(CF.CFQUERY, Arrays.asList(RESULT)); + checkElementAttributes.put(CF.CFMAIL, Arrays.asList(CF.QUERY)); + checkElementAttributes.put(CF.CFFTP, Arrays.asList(RESULT)); + checkElementAttributes.put(CF.CFWDDX, Arrays.asList(CF.OUTPUT)); + checkElementAttributes.put(CF.CFEXECUTE, Arrays.asList(VARIABLE)); + checkElementAttributes.put(CF.CFNTAUTHENTICATE, Arrays.asList(RESULT)); + checkElementAttributes.put(CF.CFXML, Arrays.asList(VARIABLE)); } @@ -77,11 +77,11 @@ public VarScoper() { public void element(final Element element, final Context context, final BugList bugs) { final String name = element.getName(); if (name != null && name.trim().length() > 0 && context.isInFunction()) { - if (CHECK_NAMES.contains(name.toLowerCase())) { - assertVariable(element, context, bugs, element.getAttributeValue("name")); + if (checkNames.contains(name.toLowerCase())) { + assertVariable(element, context, bugs, element.getAttributeValue(CF.NAME)); } - if (CHECK_ELEMENT_ATTRIBUTES.containsKey(name.toLowerCase())) { - for (final String attrName : CHECK_ELEMENT_ATTRIBUTES.get(name.toLowerCase())) { + if (checkElementAttributes.containsKey(name.toLowerCase())) { + for (final String attrName : checkElementAttributes.get(name.toLowerCase())) { assertVariable(element, context, bugs, element.getAttributeValue(attrName)); } } @@ -97,7 +97,7 @@ protected void assertVariable(final Element element, final Context context, fina } private boolean isGlobal(final String nameVar) { - return nameVar != null && variables.contains(nameVar.toUpperCase().trim()); + return nameVar != null && scopes.contains(nameVar.toLowerCase().trim()); } } diff --git a/src/main/java/com/cflint/plugins/core/VariableNameChecker.java b/src/main/java/com/cflint/plugins/core/VariableNameChecker.java index 9b40157be..784d88f35 100644 --- a/src/main/java/com/cflint/plugins/core/VariableNameChecker.java +++ b/src/main/java/com/cflint/plugins/core/VariableNameChecker.java @@ -4,6 +4,7 @@ import java.util.Collections; import java.util.List; +import com.cflint.CF; import com.cflint.Levels; import com.cflint.BugList; import com.cflint.plugins.CFLintScannerAdapter; @@ -33,24 +34,24 @@ public void element(final Element element, final Context context, final BugList final String elementName = element.getName(); final int begLine = element.getSource().getRow(element.getBegin()); - if (elementName.equals("cfquery")) { - if (element.getAttributeValue("name") != null) { - final String varName = element.getAttributeValue("name") != null ? element.getAttributeValue("name") + if (elementName.equals(CF.CFQUERY)) { + if (element.getAttributeValue(CF.NAME) != null) { + final String varName = element.getAttributeValue(CF.NAME) != null ? element.getAttributeValue(CF.NAME) : ""; checkNameForBugs(context, varName, varName, context.getFilename(), context.getFunctionName(), begLine, bugs); } - } else if (elementName.equals("cfinvoke")) { - if (element.getAttributeValue("returnvariable") != null) { - final String varName = element.getAttributeValue("returnvariable") != null - ? element.getAttributeValue("returnvariable") : ""; + } else if (elementName.equals(CF.CFINVOKE)) { + if (element.getAttributeValue(CF.RETURNVARIABLE) != null) { + final String varName = element.getAttributeValue(CF.RETURNVARIABLE) != null + ? element.getAttributeValue(CF.RETURNVARIABLE) : ""; checkNameForBugs(context, varName, varName, context.getFilename(), context.getFunctionName(), begLine, bugs); } - } else if (elementName.equals("cfloop")) { - if (element.getAttributeValue("index") != null || element.getAttributeValue("item") != null) { - final String varName = element.getAttributeValue("index") != null ? element.getAttributeValue("index") - : (element.getAttributeValue("item") != null ? element.getAttributeValue("item") : ""); + } else if (elementName.equals(CF.CFLOOP)) { + if (element.getAttributeValue(CF.INDEX) != null || element.getAttributeValue(CF.ITEM) != null) { + final String varName = element.getAttributeValue(CF.INDEX) != null ? element.getAttributeValue(CF.INDEX) + : (element.getAttributeValue(CF.ITEM) != null ? element.getAttributeValue(CF.ITEM) : ""); checkNameForBugs(context, varName, varName, context.getFilename(), context.getFunctionName(), begLine, bugs); } diff --git a/src/main/java/com/cflint/tools/CFMLTagInfo.java b/src/main/java/com/cflint/tools/CFMLTagInfo.java index d06b13a8b..8875e4453 100644 --- a/src/main/java/com/cflint/tools/CFMLTagInfo.java +++ b/src/main/java/com/cflint/tools/CFMLTagInfo.java @@ -4,6 +4,7 @@ import cfml.dictionary.Return; import cfml.dictionary.SyntaxDictionary; import cfml.dictionary.Tag; +import com.cflint.CF; import net.htmlparser.jericho.Element; public class CFMLTagInfo { @@ -38,7 +39,7 @@ public boolean isAssignmentAttribute(final Element elem, final String attributeN public boolean isAssignmentAttribute(final String elementName, final String attributeName) { if ((elementName != null) && (attributeName != null)) { // Hardcoded exceptions to the dictionary - if (elementName.toLowerCase().equals("cfprocparam")) { + if (elementName.toLowerCase().equals(CF.CFPROCPARAM)) { return attributeName.equalsIgnoreCase("variable"); } final Tag tag = dictionary.getTag(elementName.toLowerCase());