False positive on PHP analysis

The rule `php_lang_raw_output_using_user_input` returns false positive.

## Description & Reproduction

Rule: `php_lang_raw_output_using_user_input` (high)
Description: Unsanitized user input in 'echo' function (XSS)
Code extract:
```<a href="?page=page&id=<?php echo absint($package_id); ?>" class="nav-tab <?php echo ($current_tab == 'thistab') ? 'nav-tab-active' : '' ?>">```

## Expected Behavior

In this case, the user-controlled inputs (`$package_id` and `$current_tab`) are not directly displayed in the page:
- `$package_id` is converted to an integer and cannot lead to XSS
- `$current_tab` is compared to a constant string and another constant string is displayed, this cannot lead to a XSS

## Actual Behavior

The rule is triggered.

## Possible Fix

Take into account the absint() and ternary operator.

## Your Environment



- Operating System and version:
- Output of 'bearer version':
```
bearer version: 1.51.0
sha: 3a762f776f3789c39fcaa4c7dc684bbc382add83
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

False positive on PHP analysis #1840

Description & Reproduction

Expected Behavior

Actual Behavior

Possible Fix

Your Environment

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

False positive on PHP analysis #1840

Description

Description & Reproduction

Expected Behavior

Actual Behavior

Possible Fix

Your Environment

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions