Static, Lightweight Includes Resolution for PHP

Dynamic languages include a number of features that are challenging to model properly in static analysis tools. In PHP, one of these features is the include expression, where an arbitrary expression provides the path of the file to include at runtime. In this paper we present two complementary analyses for statically resolving PHP includes, one that works at the level of individual PHP files, and one targeting PHP programs possibly consisting of multiple scripts. To evaluate the effectiveness of these analyses we have applied the first to a corpus of 20 open-source systems, totaling more than 4.5 million lines of PHP, and the second to a number of programs from a subset of these systems. Our results show that, in many cases, includes can be resolved to a specific file or a small subset of possible files, enabling better IDE features and more advanced program analysis tools for PHP.

Conference paper

Proceedings of the 29th IEEE/ACM International Conference on Automated Software Engineering (ASE 2014)