Skip to content

Instantly share code, notes, and snippets.

@Halleck45

Halleck45/php-grep.sh

Created November 25, 2015 15:20
Show Gist options
  • Save Halleck45/e9d8fc72f1709254861e to your computer and use it in GitHub Desktop.
Save Halleck45/e9d8fc72f1709254861e to your computer and use it in GitHub Desktop.
Download ZIP
php-grep.sh
Raw
php-grep.sh
#!/bin/bash
# Metrics for PHP
#
# author: Jean-François Lépine
echo "PHPMetrics, by Jean-François Lépine"
echo
folder=$1
if [ ! -d "$folder" ]; then
echo "Given folder doesn't exist"
exit 0
fi
echo 'LOC: '
echo '----------'
echo -n "Number of PHP files: "
find $folder -iname "*.php" | wc -l
echo "Number of lines by file: "
find $folder -iname "*.php" | xargs wc -l | sort -rn | head
echo
echo 'SQL: '
echo '----------'
echo -n "Number of mysql_queries: "
grep -r "mysql_query" $folder | wc -l
echo -n "Number of mysql_escape_string: "
grep -r mysql_escape_string $folder | wc -l
echo -n "Number of mysql_real_escape_string: "
grep -r mysql_escape_string $folder | wc -l
echo -n "Number of mysql_error: "
grep -r mysql_error $folder | wc -l
echo -n "Number of PDO queries: "
grep -r '>query(' $folder | wc -l
echo -n "Number of PDO quote: "
grep -r '>quote(' $folder | wc -l
echo -n "Number of 'SELECT ': "
grep -r -i "SELECT " $folder | wc -l
echo -n "Number of 'SELECT *': "
grep -r -i "SELECT \*" $folder | wc -l
echo -n "Number of 'WHERE ': "
grep -r -i "WHERE " $folder | wc -l
#echo -n "Number of SELECT by file: "
#echo
#for file in `find $folder -iname "*.php"`
#do
# cnt=`ack-grep --nogroup --php "SELECT " "$file" | wc -l`
# echo " $cnt $file"
#done |sort -rn |head
echo
echo 'Escaping: '
echo '----------'
echo -n "Number of \$_GET: "
grep -r "\$_GET" $folder |wc -l
echo -n "Number of \$_POST: "
grep -r "\$_POST" $folder |wc -l
echo -n "Number of \$_REQUEST: "
grep -r "\$_REQUEST" $folder |wc -l
echo -n "Number of filter_: "
grep -r "filter_" $folder | wc -l
echo -n "Number of addslashes: "
grep -r "addslashes" $folder |wc -l
echo -n "Number of html_entities: "
grep -r "html_entities" $folder |wc -l
#echo -n "Number of \$_GET or \$_POST by file: "
#echo
#for file in `find $folder -iname "*.php"`
#do
# cnt=`ack-grep "_(POST|GET|REQUEST)" "$file" | wc -l`
# echo " $cnt $file"
#done |sort -rn |head
echo
echo 'Prints: '
echo '----------'
echo -n "Number of echo: "
grep -r "echo" $folder |wc -l
echo -n "Number of var_dump: "
grep -r "var_dump" $folder |wc -l
echo -n "Number of print_r: "
grep -r "print_r" $folder |wc -l
echo
echo 'Files: '
echo '----------'
echo -n "Number of fopen: "
grep -r "fopen" $folder |wc -l
echo -n "Number of fget: "
grep -r "fget" $folder |wc -l
echo -n "Number of file_put_contents: "
grep -r "file_put_contents" $folder |wc -l
echo -n "Number of file_get_content: "
grep -r "file_get_content" $folder |wc -l
echo -n "Number of fclose: "
grep -r "fclose" $folder |wc -l
echo -n "Number of flock: "
grep -r "flock" $folder |wc -l
echo
echo 'Encoding: '
echo '----------'
echo -n "Number of utf8_encode: "
grep -r "utf8_encode" $folder |wc -l
echo -n "Number of utf8_decode: "
grep -r "utf8_decode" $folder |wc -l
echo -n "Number of mb_convert: "
grep -r "mb_convert" $folder |wc -l
echo -n "Number of mb_detect_encoding: "
grep -r "mb_detect_encoding" $folder |wc -l
echo -n "Number of iconv: "
grep -r "iconv" $folder |wc -l
echo
echo 'Flow: '
echo '----------'
echo -n "Number of die: "
grep -r "die(" $folder |wc -l
echo -n "Number of exit: "
grep -r "exit" $folder |wc -l
echo -n "Number of register_shutdown_function: "
grep -r "register_shutdown_function" $folder |wc -l
echo
echo 'Execution: '
echo '----------'
echo -n "Number of assert: "
grep -r "assert(" $folder |wc -l
echo -n "Number of exec: "
grep -r "exec" $folder |wc -l
echo -n "Number of passthru: "
grep -r "passthru" $folder |wc -l
echo -n "Number of popen: "
grep -r "popen" $folder |wc -l
echo -n "Number of proc_close: "
grep -r "proc_close" $folder |wc -l
echo -n "Number of proc_open: "
grep -r "proc_open" $folder |wc -l
echo -n "Number of shell_exec: "
grep -r "shell_exec" $folder |wc -l
echo -n "Number of system: "
grep -r "system" $folder |wc -l
echo
echo 'Env: '
echo '----------'
echo -n "Number of getenv: "
grep -r "getenv" $folder |wc -l
echo -n "Number of apache_getenv: "
grep -r "apache_getenv" $folder |wc -l
echo -n "Number of putenv: "
grep -r "putenv" $folder |wc -l
echo -n "Number of apache_setenv: "
grep -r "apache_setenv" $folder |wc -l
echo
echo 'XSS: '
echo '----------'
echo -n "Number of echo \$_: "
grep -r "echo[[:space:]]+.*\$(_ENV|_GET|_POST|_COOKIE|_REQUEST|_SERVER|HTTP|http).*" $folder |wc -l
echo -n "Number of print \$_: "
grep -r "print[[:space:]]+.*\$(_ENV|_GET|_POST|_COOKIE|_REQUEST|_SERVER|HTTP|http).*" $folder |wc -l
echo -n "Number of <?= \$_: "
grep -r "\<\?\=\$(_ENV|_GET|_POST|_COOKIE|_REQUEST|_SERVER|HTTP|http)" $folder |wc -l
echo
echo 'Misc: '
echo '----------'
echo -n "Number of Magic methods: "
grep -r "__" $folder |wc -l
echo -n "Number of call_user_func: "
grep -r "call_user_func" $folder |wc -l
echo -n "Number of extract: "
grep -r "extract" $folder |wc -l
echo -n "Number of throw: "
grep -r "throw" $folder |wc -l
echo -n "Number of eval: "
grep -r "eval" $folder |wc -l
echo -n "Number of Inline comments: "
grep -r "//" $folder |wc -l
echo -n "Number of block comments: "
grep -r "/\*" $folder |wc -l
echo -n "Number of spl_autoload: "
grep -r "spl_autoload" $folder |wc -l
echo -n "Number of global: "
grep -r "global " $folder |wc -l
echo -n "Number of include: "
grep -r "include" $folder |wc -l
echo -n "Number of require: "
grep -r "require" $folder |wc -l
echo -n "Number of phpinfo: "
grep -r "phpinfo" $folder |wc -l
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment