Is there a static code analyzer for PHP files? The binary itself can check for syntax errors, but I'm looking for something that does more, like unused variable assignments, arrays that are assigned into without being initialized first, and possibly code style warnings. Open-source programs would be preferred, but we might convince the company to pay for something if it's highly recommended.
unitialized variables check Link 1 and 2 already seem to do this just fine though.
I can't say i have used any of these intensively though :)
For static analysis, there are php-sat, php-ast, PHP_Depend and PHP_CodeSniffer, that I know of. These are fairly high level tools; You can also dabble in stuff like PHP_Parser or the more primitive token_get_all function. Finally, you can also run php in lint-mode (php -l FILENAME
), from the command line. It will check the file for valid syntax (eg. parse it), but won't execute it.
There are also some runtime analysis options, which are more useful for some things, because of PHPs dynamic nature. Xdebug has a few nifty features, such as code coverage and function traces. Just recently, I put a small tool together, using a combined static/dynamic approach, which builds on xdebugs function traces.
And of course, there are phpdoc and doxygen, which both perform a kind of code analysis (Doxygen can be configured to render nice inheritance graphs with graphviz)
A recent newcomer is xhprof, which can do much of the same things as xdebug, but the extension is more lightweight, making it better suitable for running on a production server, and it includes a nice php-based interface.
PHP PMD (project mess detector) and PHP CPD (copy paste detector) as the former part of PHPUnit
See Semantic Designs' CloneDR, a "clone detection" tool that finds copy/paste/edited code. It will find exact and near miss code fragments, inspite of whitespace, comments and even variable renamings. A sample detection report for PHP can be found at the wesite.
There a new tool called nWire for PHP. It is a code exploration plugin for Eclipse PDT and Zend Studio 7.x. It enables real-time code analysis for PHP and provides the following tools:
- Code visualization - interactive graphical representation of components and associations.
- Code navigation - unique navigation view shows all the associations and works with you while you write or read code.
- Quick search - search as you type for methods, fields, file, etc.
The NetBeans IDE checks for syntax errors, unusued variables and such. It's not automated, but works fine for small or medium projects.