About the Author

Chris Shiflett is an author and speaker who leads the web application security practice at OmniTI.

PHP Advent Calendar Day 17

Mon, 17 Dec 2007 at 22:49:30 GMT
6 Comments
References

Today's entry is provided by Ilia Alshanetsky.

Ilia Alshanetsky

Name: Ilia Alshanetsky
Blog: ilia.ws
Biography: Ilia Alshanetsky is an active member of the PHP development team and is the current release manager for PHP 5.2. Ilia is also the principal developer of FUDforum, an open source bulletin board, and he contributes to several other projects.
Location: Toronto, Canada

I often work with very large projects that contain hundreds or even thousands of files, and I have observed a common and rather embarrassing mistake: parse errors. Developers forget to check the syntax of their code, and as a result, the application starts displaying E_PARSE errors to users. Fortunately, there is an easy way to quickly check your code for silly parse errors with the following command:

find /path/to/code -name \*.php | xargs -n1 php -l

This command searches through the /path/to/code directory for all files with a .php extension (adjust as necessary to match your own naming conventions; add another extension such as .inc by appending -o -name \*.inc to the find command) and passes them one at a time to PHP's CLI binary with -l to indicate lint mode. In this mode, the file is parsed but not executed, and any existing parse errors will be identified. The scripts stops execution if a parse error is encountered.

You can typically check few hundred files for parse errors within a few seconds. You now have no excuse for allowing parse errors to escape into the wild. :-)

About This Post

PHP Advent Calendar Day 17 was posted on Mon, 17 Dec 2007 at 22:49:30 GMT.

6 Comments

1. Braden said:

To speed this trick up a bit, use subversion to find and lint modified files, as suggested by Maggie Nelson:

svn stat | grep -E ".php$" | awk "{print \"php -l \" \$2}" | sh
Mon, 17 Dec 2007 at 23:49:03 GMT Link

2. Amit Pansare said:

Thank you Ilia.

This is going into my pre-build script.

Hmm, Chris, you should do a post on what an ideal pre-build script should have.

Mon, 17 Dec 2007 at 23:52:05 GMT Link

3. Sergio V said:

Good post. Just want to note you can do it all with a single command:
find /path/to/code -name '*.php' -exec php -l {} \;
Cheers!
Tue, 18 Dec 2007 at 03:03:35 GMT Link

4. Matt Southerden said:

IMHO, this kind of error should be caught by your unit and functional tests. Though maybe it could run as a safety net after the build (which would cause a build failure), prompting the examination of the test coverage?
Tue, 18 Dec 2007 at 11:30:24 GMT Link

5. Lode Claassen said:

It works great!

However, it hangs on some files which I deliberately made non-php. I maybe should not make this .php files. But would there be another way of just excluding them from the search?
Mon, 24 Dec 2007 at 13:05:55 GMT Link

6. Andrew Johnstone said:

How about you do a lint check in a svn hook, thus avoiding syntax errors... PHP syntax check

Mon, 31 Dec 2007 at 08:35:04 GMT Link

Joseph Crawford wrote:: 404 not found :( What's with this OpenID thing, you know how long it took me to figure out I h...; Posted in Zend Framework Tutorial
Laurent Cottereau wrote:: I am very interested in the possibilities of this service. However, I am wondering about what is ...; Posted in OpenID with myVidoop
Zac wrote:: Awesome code! Thanks!; Posted in Convert Smart Quotes with PHP
Muttley wrote:: Thanks for this, Shiffers. I've been working on a similar thing, using a similar method, so it's ...; Posted in Allowing HTML and Preventing XSS
hossein wrote:: Hi! May you give me an example how to use mcrypt_encrypt() in order to save passwrod in databa...; Posted in OpenID with myVidoop