Dee Ayy wrote:
> Is there a tool that can analyze PHP source code and detect if the
> code is relying on register_globals still being on? Perhaps detecting
> if a variable has not been initialized within the code?
>
> These are my specific needs, but I'm also interested in general SCA
> tools and features.
>
Sure, turn on error_reporting(E_ALL);
and let the errors flow
I would do this in a .htaccess file
php_value error_reporting E_ALL
php_flag display_errors On
You should now see all the errors being displayed to the screen. If this is
less then ideal, you could leave off the display_errors part and check your
php log file instead.
Some people will probably suggest using something like xdebug I personally
have never used a debugging tool, except for the version that Robert talks
about. Works great and never has to be reconfigured or setup more then once... :)
--
Jim Lucas
"Some men are born to greatness, some achieve greatness,
and some have greatness thrust upon them."
Twelfth Night, Act II, Scene V
by William Shakespeare
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
