PHP language logo

PHP static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your PHP code

Get started for free
  • .Bug
  • .Security Vulnerability
  • .Security Hotspot
  • .Code Smell

Frameworks

Support for Laravel, Symfony, Zend and Laminas

Dedicated rule profiles for Drupal, PSR-2

Test frameworks

PHPUnit

PHP Coverage of OWASP TOP 10 2017

PHP coverage of OWASP TOP 10 2017

Security
Vulnerability 		Security
Hotspot
A1 Injection
A2 Broken Authentication
A3 Sensitive Data Exposure
A4 XML External Entities (XXE)
A5 Broken Access control
A6 Security misconfigurations
A7 Cross Site Scripting (XSS)
A8 Insecure Deserialization
A9 Using Components with known vulnerabilities
A10 Insufficient logging and monitoring
php language logo

Get started analyzing
your Php projects
today!

Get started for free
Other languages
Java language logo
Kotlin language logo
C# language logo
VB.NET language logo
C language logo
C++ language logo
JavaScript language logo
TypeScript language
PHP language logo
Python language logo
Terraform language logo
CloudFormation language logo
ABAP language
Apex language logo
Cobol language
CSS language logo
Flex language logo
Go language logo
HTML language logo
PL/I language
PL/SQL language
RPG language
Ruby language logo
Scala language logo
Swift language logo
T-SQL language
VB6 language
XML language

Product announcements delivered directly to your inbox!

We will never share your email address or spam you

A SonarSource™ Product

Get Started

Features

Get Involved

About SonarQube

© 2008-2019, SonarSource S.A, Switzerland. All content is copyright protected. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, and SONARCLOUD are trademarks of SonarSource SA.

All other trademarks and copyrights are the property of their respective owners. All rights are expressly reserved.

Privacy Policy | Distributed under LGPL v3