Php Inspections (EA Extended)

Compatible with: IntelliJ IDEA PhpStorm
Jan 02, 2019
423 063
For support and donations please visit Github | Issues | PayPal | Patreon.

For status updates and release announcements please follow me at Twitter.

This plugin is a Static Code Analysis tool for PHP (aka inspections in JetBrains products).

It covers:
- architecture related issues
- weak types control and possible code construct simplifications
- performance issues
- non-optimal, duplicate and suspicious "if" conditions
- validation of magic methods usage
- regular expressions
- compatibility issues
- variety of time-consuming bugs
- PhpUnit API usage
- security issues

Some of inspections are expecting conditional statements (e.g. "if") to use group statement for wrapping body expressions. If this requirement is met then additional inspections are applied to the source code.

For Mac shortcuts, see this reference card. Windows/Linux ones are:
Alt + Shift + I to inspect current file with current profile
Ctrl + Alt + Shift + I to run inspection by name
Ctrl + Shift + F4 to close results of inspection.

On some projects CPU and therefore battery usage could be intensive, so it should be taken into account when traveling with a laptop.

Note: we are sending anonymous crash-reports to Google Analytics. You are welcome to review the implementation or disable the reporting in IDE settings.

A big thank you to our supporters: IntelliShop AG (Karlsruhe, Germany), Pixel & Tonic (Bend, USA) and OSS supporters on Patreon

Download plugin

Recent change notes

Bug-fixes and new features. Supporters via Patreon are wanted.

- Callable parameter usage violates definition: resolved false-positives (multiple cases)
- Non-optimal regular expression: resolved false-positives (multiple cases)
- Null reference: resolved false-positives (multiple cases)
- Parameter/variable is not used: introduced new setting (ignore inclusion statements)
- Statement could be decoupled from foreach: resolved false-positives (skip html templating)
- Suspicious binary operations: reworked hardcoded constants reporting
- Unnecessary call arguments specification: enabled by default

- Basic malware patterns: new patterns
- Nested assignments usage: implemented (needs activation)
- Variable functions usage: new patterns
- 'instanceof' can be used: new patterns (thank you @orklah the specification)
- 'parent' keyword misused: implemented