1

Let's say I have the following code:

$result = $thirdPartyAPI->doSomething(); // returns false if error
if ($result == false) {
    return $someErrorCode;
}

// process the valid $result

I have lots of calls to the $thirdPartyAPI spread throughout the code, so I don't want to forget about checking if $result is a valid one or an error happened.

I've checked PHP Code Sniffer and PHP Mess Detector tools, but I've found none of their rules to be appropiate for this particular case.

I'm wondering if there is a tool (such a static code analysis one) that is able to report whether I forgot to check that a returned value has a certain value.

rchavarria
  • 930
  • 10
  • 16
  • 3
    The tool you're after is called `class`. You said you're having lots of those calls spread through the code. Why not simply wrap the use scenario in a class that will deal with success and errors for you? I don't see the need for static analysis here if you can solve it using the tools we have at our disposal.. – Mjh Feb 19 '16 at 13:41
  • 1
    PHPUnit for unit testing will help, as you can validate that the code return is checking/doing something on the return values. – Steven Scott Feb 19 '16 at 20:31
  • Thanks for your thoughts @Mjh. I understand you. A `class` wrapping the functionality would save me lots of similar code. But, I will still have the same problem: that class would return a valid value or `false` in case an error happened. And I should check for both. I would be in the same situation. It could throw an exception, but I'm not a big fan of throwing them when you can check for a specific value (it's not an _exceptional_ use case) – rchavarria Feb 20 '16 at 16:30
  • Unit testing is a very good idea @StevenScott, and I was thinking of them as a possibility. But, the `$thirdPartyAPI` access to a database, so those tests won't be very fast. Additionally, it won't tell me if I forget to check the returned value if I don't write a test for that code. I would have two things to remember. But I agree with you, it could be a nice possibility to check the correctness of my code. Thanks! – rchavarria Feb 20 '16 at 16:38
  • @rchavarria Actually, the database code you would mock to keep it quick. The PHPUnit testing can also output code coverage, so you can see if you tested a scenario or not, and it also contains a skeleton generator to build the outline of what needs to be tested. Automated Testing is a definite requirement for the long haul, and quality code. – Steven Scott Feb 22 '16 at 03:13

1 Answers1

1

Since 2017 there is: PHPStan

I use it and it works like a charm. Here is simple intro to it

Tomas Votruba
  • 23,240
  • 9
  • 79
  • 115
  • 1
    Interesting. It seems it uses *type hints* to improve the static analysis. It would be useful to check that a method returns a value of the desired type. But that's not exactly what I'm looking for here. I'm looking for some tool that warns me if I forgot to check the return value, not if the method returns the right type of value. Anyway, it'd be awesome if you can share a link to some rules you think could help me. – rchavarria May 30 '17 at 10:00
  • Oh, I see now. You want a custom check, that ensures you have special code after "$thirdPartyAPI->...", right? If so, you can write a sniff for that. I can help you to set it up, just write an email: https://github.com/tomasvotruba – Tomas Votruba May 30 '17 at 18:01