Skip to content

CLAUDE.md

Latest commit

 

History

History
62 lines (43 loc) · 2.57 KB

CLAUDE.md

File metadata and controls

62 lines (43 loc) · 2.57 KB

CLAUDE.md

This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.

Project Overview

spaze/phpinfo is a small PHP library that captures phpinfo() output and:

  • Strips the full HTML page wrapper, returning only the content table in a <div id="phpinfo">
  • Moves inline style="color: #..." attributes to CSS classes (CSP compliance, no unsafe-inline)
  • Sanitizes sensitive values (session IDs by default) from the output
  • Ships an external src/assets/info.css that recreates the original phpinfo styling including dark mode

Commands

composer test       # Run all checks: lint, phpcs, phpstan, tester
composer lint       # PHP syntax check (php-parallel-lint) on src/
composer phpcs      # PHP CodeSniffer on src/
composer phpstan    # Static analysis at max level on src/
composer tester     # Run the Nette/Tester test suite on tests/

Run a single test file:

vendor/nette/tester/src/tester --colors 1 tests/PhpInfoTest.phpt

Architecture

Two classes, one asset

src/PhpInfo.php — main entry point. Buffers phpinfo(), extracts just the <table> with a regex, rewrites inline color styles to CSS classes, and delegates sanitization.

src/SensitiveValueSanitizer.php — handles string replacement. Auto-detects the active session ID (via session_id() or the session cookie), URL-encodes it to catch both forms, and uses strtr() for replacement. Supports custom sanitization entries via addSanitization(). Can be injected into PhpInfo or used standalone.

src/assets/info.css — scoped to #phpinfo, defines the color classes (color-FF8000, etc.) generated by PhpInfo::getHtml(), includes @media (prefers-color-scheme: dark).

Fluent configuration

Both classes expose a fluent interface:

$phpInfo = (new PhpInfo())
    ->addSanitization($secretValue)
    ->addSanitization($anotherSecret, '[REDACTED]');

echo $phpInfo->getHtml();

doNotSanitizeSessionId() exists but is deliberately named to discourage use.

Testing

Tests use Nette/Tester (.phpt files), not PHPUnit. tests/TestSessionHandler.php is a mock SessionHandlerInterface + SessionIdInterface that provides a fixed session ID during tests.

Code Standards

  • declare(strict_types = 1) in every file
  • PHPStan at max level (including bleedingEdge ruleset)
  • PHP CodeSniffer using spaze/coding-standard
  • Indentation: tabs; line endings: LF
  • Namespace: Spaze\PhpInfo; PSR-4 autoloading from src/
  • Supported PHP versions: 8.0–8.5 (CI tests all of them, including --prefer-lowest)