Report on missing exit after redirect

Fixes #54

Author: david-binda

WordPressVIPMinimum/Sniffs/VIP/ExitAfterRedirectSniff.php

@@ -0,0 +1,68 @@
+<?php
+/**
+ * WordPress-VIP-Minimum Coding Standard.
+ *
+ * @package VIPCS\WordPressVIPMinimum
+ * @link https://github.com/Automattic/VIP-Coding-Standards
+ */
+
+namespace WordPressVIPMinimum\Sniffs\VIP;
+
+use PHP_CodeSniffer_File as File;
+use PHP_CodeSniffer_Tokens as Tokens;
+
+/**
+ * Require `exit;` being called after wp_redirect and wp_safe_redirect.
+ *
+ *  @package VIPCS\WordPressVIPMinimum
+ */
+class ExitAfterRedirectSniff implements \PHP_CodeSniffer_Sniff {
+
+	/**
+	 * Returns an array of tokens this test wants to listen for.
+	 *
+	 * @return array
+	 */
+	public function register() {
+		return Tokens::$functionNameTokens;
+	}
+
+	/**
+	 * Process this test when one of its tokens is encountered
+	 *
+	 * @param \PHP_CodeSniffer\Files\File $phpcsFile The file being scanned.
+	 * @param int                         $stackPtr  The position of the current token in the stack passed in $tokens.
+	 *
+	 * @return void
+	 */
+	public function process( File $phpcsFile, $stackPtr ) {
+
+		$tokens = $phpcsFile->getTokens();
+
+		if ( 'wp_redirect' !== $tokens[ $stackPtr ]['content'] && 'wp_safe_redirect' !== $tokens[ $stackPtr ]['content'] ) {
+			return;
+		}
+
+		$openBracket = $phpcsFile->findNext( Tokens::$emptyTokens, ( $stackPtr + 1 ), null, true );
+
+		if ( T_OPEN_PARENTHESIS !== $tokens[ $openBracket ]['code'] ) {
+			return;
+		}
+
+		$next_token = $phpcsFile->findNext( array_merge( Tokens::$emptyTokens, array( T_SEMICOLON, T_CLOSE_PARENTHESIS ) ), ( $tokens[ $openBracket ]['parenthesis_closer'] + 1 ), null, true );
+
+		if ( T_OPEN_CURLY_BRACKET === $tokens[ $next_token ]['code'] ) {
+			$is_exit_in_scope = false;
+			for ( $i = $tokens[ $next_token ]['scope_opener']; $i <= $tokens[ $next_token ]['scope_closer']; $i++ ) {
+				if ( T_EXIT === $tokens[ $i ]['code'] ) {
+					$is_exit_in_scope = true;
+				}
+			}
+			if ( false === $is_exit_in_scope ) {
+				$phpcsFile->addError( sprintf( '%s should almost always be followed by a call to exit;', $tokens[ $stackPtr ]['content'] ), $stackPtr, 'NoExitInConditional' );
+			}
+		} elseif ( T_EXIT !== $tokens[ $next_token ]['code'] ) {
+			$phpcsFile->addError( sprintf( '%s should almost always be followed by a call to exit;', $tokens[ $stackPtr ]['content'] ), $stackPtr, 'NoExit' );
+		}
+	}//end process()
+}

WordPressVIPMinimum/Tests/VIP/ExitAfterRedirectUnitTest.inc

@@ -0,0 +1,13 @@
+<?php
+
+wp_redirect( 'https://vip.wordpress.com' ); //Ok.
+
+exit();
+
+wp_safe_redirect( 'https.//vip.wordpress.com' ); // NOK.
+
+wp_redirect( 'https://vip.wordpress.com' ); // NOK.
+
+if ( wp_redirect( 'https://vip.wordpress.com' ) ) { //Ok.
+	exit;
+}

WordPressVIPMinimum/Tests/VIP/ExitAfterRedirectUnitTest.php

@@ -0,0 +1,41 @@
+<?php
+/**
+ * Unit test class for WordPressVIPMinimum Coding Standard.
+ *
+ * @package VIPCS\WordPressVIPMinimum
+ */
+
+namespace WordPressVIPMinimum\Tests\VIP;
+
+use PHP_CodeSniffer\Tests\Standards\AbstractSniffUnitTest;
+
+/**
+ * Unit test class for the ExitAfterRedirect sniff.
+ *
+ * @package VIPCS\WordPressVIPMinimum
+ */
+class FlushRewriteRulesUnitTest extends AbstractSniffUnitTest {
+
+	/**
+	 * Returns the lines where errors should occur.
+	 *
+	 * @return array <int line number> => <int number of errors>
+	 */
+	public function getErrorList() {
+		return array(
+			7 => 1,
+			9 => 1,
+		);
+	}
+
+	/**
+	 * Returns the lines where warnings should occur.
+	 *
+	 * @return array <int line number> => <int number of warnings>
+	 */
+	public function getWarningList() {
+		return array();
+
+	}
+
+} // End class.

ruleset_test.inc

@@ -167,5 +167,7 @@ echo "<a href='" . esc_attr( $some_var ) . "'></a>"; // NOK. Error.
 
 $hello = true === isset( $_GET['utm_medium'] ) ? true : false; // NOK. Warning 3 times.
 
+wp_safe_redirect( 'https.//vip.wordpress.com' ); // NOK. Error.
+
 ?>
 

ruleset_test.php

@@ -49,7 +49,8 @@
 		133 => 1,
 		157 => 1,
 		166 => 1,
-		170 => 1, // Error on the end of the file. When any code is added, bounce this.
+		170 => 1,
+		172 => 1, // Error on the end of the file. When any code is added, bounce this.
 	),
 	'warnings' => array(
 		9   => 1,