On Using Static Analysis to Detect Type Errors in PHP Applications
The authors describe their experience in using abstract interpretation to analyze applications written in PHP. Their work focuses on reconstructing type information from mostly un-annotated code. They present the abstract domain of their analysis, focusing on the features that improve analysis precision. They have implemented their approach as a tool that supports the full specification of PHP 5. They describe several bugs that they were able to find in deployed web applications. PHP is a very popular scripting language. PHP scripts are behind many web sites, including wikis, content management systems, and social networking web sites.