Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarLint
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarCloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube

Secrets
ABAP
Apex
AzureResourceManager
C
C++
CloudFormation
COBOL
C#
CSS
Docker
Flex
Go
HTML
Java
JavaScript
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Scala
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML

PHP static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your PHP code

Tags

Class of caught exception should be defined
Bug
Caught Exceptions must derive from Throwable
Bug
Raised Exceptions must derive from Throwable
Bug
"$this" should not be used in a static context
Bug
Regular expressions should have valid delimiters
Bug
Regex lookahead assertions should not be contradictory
Bug
Back references in regular expressions should only refer to capturing groups that are matched before the reference
Bug
Regex boundaries should not be used in a way that can never be matched
Bug
Regex patterns following a possessive quantifier should not always fail
Bug
Assertion failure exceptions should not be ignored
Bug
References used in "foreach" loops should be "unset"
Bug
The number of arguments passed to a function should match the number of parameters
Bug
Non-empty statements should change control flow or have at least one side-effect
Bug
Variables should be initialized before use
Bug
Replacement strings should reference existing regular expression groups
Bug
Alternation in regular expressions should not contain empty alternatives
Bug
Unicode Grapheme Clusters should be avoided inside regex character classes
Bug
Assertions should not compare an object to itself
Bug
Regex alternatives should not be redundant
Bug
Alternatives in regular expressions should be grouped when used with anchors
Bug
Array values should not be replaced unconditionally
Bug
Exceptions should not be created without being thrown
Bug
Array or Countable object count comparisons should make sense
Bug
All branches in a conditional structure should not have exactly the same implementation
Bug
The output of functions that don't return anything should not be used
Bug
Unary prefix operators should not be repeated
Bug
Non-existent operators like "=+" should not be used
Bug
A "for" loop update clause should move the counter in the right direction
Bug
Return values from functions without side effects should not be ignored
Bug
Values should not be uselessly incremented
Bug
Related "if/else if" statements and "cases" in a "switch" should not have the same condition
Bug
Objects should not be created to be dropped immediately without being used
Bug
Identical expressions should not be used on both sides of a binary operator
Bug
All code should be reachable
Bug
Loops with at most one iteration should be refactored
Bug
Short-circuit logic should be used to prevent null pointer dereferences in conditionals
Bug
Variables should not be self-assigned
Bug
Useless "if(true) {...}" and "if(false){...}" blocks should be removed
Bug
All "catch" blocks should be able to catch exceptions
Bug
Repeated patterns in regular expressions should not match the empty string
Bug
"require_once" and "include_once" should be used instead of "require" and "include"
Bug
Method visibility should be explicitly declared
Bug
Function and method parameters' initial values should not be ignored
Bug
"exit(...)" and "die(...)" statements should not be used
Bug
Assertions should not be made at the end of blocks expecting an exception
Bug
Regular expressions should be syntactically valid
Bug
Only one method invocation is expected when testing exceptions
Bug
Files that define symbols should not cause side-effects
Bug
Static members should be referenced with "static::"
Bug
Errors should not be silenced
Bug
Files should not contain characters before "<?php"
Bug

References used in "foreach" loops should be "unset"

Bug

CriticalSonarSource default severity
click to learn more

pitfall

Why is this an issue?

In PHP, references allow you to create multiple names for the same variable, enabling you to access and manipulate its value through different identifiers. They are denoted by the ampersand symbol & placed before the variable name during declaration or assignment.

When a reference is used in a foreach loop instead of using a simple variable, the reference remains assigned and keeps its "value" which is a reference, even after the foreach execution.

What is the potential impact?

Not unsetting the reference can lead to bugs later in the code, as most of the time, this behavior is different from what the developer is expecting. For example, the reference may be used incorrectly with the previous value.

To avoid unexpected side effects, it is recommended to always unset a reference that is used in a foreach loop.

How to fix it in Core PHP

Unset the reference that is used in the foreach loop.

Code examples

Noncompliant code example

$arr = array(1, 2, 3);
foreach ($arr as &$value) { // Noncompliant; $value is still alive after the loop and references the last item of the array: $arr[2]
    $value = $value * 2;
}
$value = 'x';

Compliant solution

$arr = array(1, 2, 3);
foreach ($arr as &$value) { // Compliant; there is no risk to use by mistake the content of $value pointing to $arr[2]
    $value = $value * 2;
}
unset($value);
$value = 'x';

Resources

Documentation

PHP Documentation:

References
Foreach

Articles & blog posts

References and Foreach

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

© 2008-2023 SonarSource S.A., Switzerland. All content is copyright protected. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, and SONARCLOUD are trademarks of SonarSource S.A. All other trademarks and copyrights are the property of their respective owners. All rights are expressly reserved.
Privacy Policy | Cookie Policy

In-IDE

SaaS

Self-Hosted